| Title | Published | Views | Reporter |
|---|---|---|---|
| CVE-2020-36112 | 4 Jan 2021 15:15 | – | attackerkb |
| CVE-2020-36112 | 4 Jan 2021 19:10 | – | circl |
| Projectworlds Online Book Store Project In Php SQL Injection Vulnerability | 4 Jan 2021 00:00 | – | cnnvd |
| Projectworlds Online Book Store Project In Php SQL Injection Vulnerability | 6 Jan 2021 00:00 | – | cnvd |
| CSE Bookstore SQL Injection (CVE-2020-36112) | 16 Feb 2021 00:00 | – | checkpoint_advisories |
| CVE-2020-36112 | 4 Jan 2021 14:46 | – | cve |
| CVE-2020-36112 | 4 Jan 2021 14:46 | – | cvelist |
| CVE-2020-36112 | 4 Jan 2021 15:15 | – | nvd |
| CVE-2020-36112 | 4 Jan 2021 15:15 | – | osv |
| Sql injection | 4 Jan 2021 15:15 | – | prion |
Nuclei template for this CVE (YAML, with its original indentation restored):

```yaml
id: CVE-2020-36112

info:
  name: CSE Bookstore 1.0 - SQL Injection
  author: geeknik
  severity: critical
  description: |
    CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and
    error-based (OR) SQL injection in the pubid parameter of bookPerPub.php. Successful
    exploitation lets an unauthenticated attacker dump the entire database.
  impact: |
    Unauthenticated attackers can execute SQL injection to dump the entire database,
    including sensitive student and administrative data.
  remediation: |
    Upgrade to the latest version to mitigate this vulnerability.
  reference:
    - https://www.exploit-db.com/exploits/49314
    - https://www.tenable.com/cve/CVE-2020-36112
    - https://nvd.nist.gov/vuln/detail/CVE-2020-36112
    - https://github.com/StarCrossPortal/scalpel
    - https://github.com/anonymous364872/Rapier_Tool
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2020-36112
    cwe-id: CWE-89
    epss-score: 0.17166
    epss-percentile: 0.96713
    cpe: cpe:2.3:a:cse_bookstore_project:cse_bookstore:1.0:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: cse_bookstore_project
    product: cse_bookstore
  tags: cve,cve2020,sqli,cse,edb,tenable,cse_bookstore_project,vkev,vuln

http:
  - raw:
      - |
        GET /ebook/bookPerPub.php?pubid=4' HTTP/1.1
        Host: {{Hostname}}

    # Error-based check only: a single unbalanced quote in pubid is enough to
    # make MySQL report a syntax error, which the application echoes back.
    matchers:
      - type: word
        part: body
        words:
          - "get book price failed! You have an error in your SQL syntax"
          - "Can't retrieve data You have an error in your SQL syntax"
        condition: or
# digest: 4a0a004730450220021c47dc838d7080e0a29a0c37360034064460b941478cc4f4f15d2b916c9bb7022100d5928c238407f8261575a7cb406cc366546d9597c17d509066dd8cdac2d0ccbf:922c64590222798bb761d5b6d8e72950
```
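The template above only tells you that the probe `pubid=4'` produces a database error string. To show why that single quote matters, and what the three injection classes named in the description look like against the same query, here is an added example that is not code from CSE Bookstore or from the Nuclei project. It assumes a query of the shape `SELECT ... WHERE pubid = <value>` with the request parameter spliced in as text (the real application uses PHP and MySQL; SQLite is used here as an offline stand-in, so its error wording differs from the MySQL message the template matches on). The `books` table and its rows are constructed sample data.

```python
"""Illustration for CVE-2020-36112 (added example, not project code).

Shows a string-built query of the assumed shape beside a parameterized one,
driven with a legitimate value, the template's error-based probe, and a
boolean-based payload. SQLite stands in for the project's MySQL.
"""
import sqlite3
from typing import Any, Tuple


def make_db() -> sqlite3.Connection:
    """Constructed sample data: three books, two from publisher 4."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        """
        CREATE TABLE books (id INTEGER PRIMARY KEY, name TEXT, pubid INTEGER, price REAL);
        INSERT INTO books VALUES (1, 'Alpha', 4, 10.0);
        INSERT INTO books VALUES (2, 'Beta', 4, 12.5);
        INSERT INTO books VALUES (3, 'Gamma', 7, 8.0);
        """
    )
    return conn


def books_per_pub_vulnerable(conn: sqlite3.Connection, pubid: str) -> Tuple[str, Any]:
    """Assumed shape of the flaw: the raw request parameter is concatenated
    into the statement text, so the database parses whatever the client sent."""
    query = "SELECT name, price FROM books WHERE pubid = " + pubid + " ORDER BY id"
    try:
        return "ok", conn.execute(query).fetchall()
    except sqlite3.OperationalError as exc:
        # In the real application this is where MySQL's "You have an error in
        # your SQL syntax" text surfaces and the Nuclei matcher fires.
        return "error", str(exc)


def books_per_pub_fixed(conn: sqlite3.Connection, pubid: str) -> Tuple[str, Any]:
    """Hardened form: validate the type, then bind the value as a parameter
    so it is never interpreted as SQL."""
    try:
        pub = int(pubid)
    except ValueError:
        return "rejected", []
    rows = conn.execute(
        "SELECT name, price FROM books WHERE pubid = ? ORDER BY id", (pub,)
    ).fetchall()
    return "ok", rows


# Constructed payloads matching the injection classes the advisory names.
PAYLOADS = {
    "legit": "4",
    "error_based": "4'",          # the template's probe: unbalanced quote -> parser error
    "boolean_based": "4 OR 1=1",  # always-true tail -> every publisher's rows come back
}


def demo() -> dict:
    """Run every payload through both handlers and return the outcomes."""
    conn = make_db()
    results = {}
    for label, payload in PAYLOADS.items():
        results[label] = {
            "vulnerable": books_per_pub_vulnerable(conn, payload),
            "fixed": books_per_pub_fixed(conn, payload),
        }
    return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(label, outcome)
```

Two practical notes. First, the template's matcher is error-based only: an application that suppresses database errors but still builds the query from the parameter is just as exploitable via the boolean-based and time-based paths the description lists, and this template will report it as clean. Second, the fix is the type check plus the bound parameter together; casting alone without binding, or binding a string that is later interpolated elsewhere, does not close the hole.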