lint and format fix
parent
724e350077
commit
19610568a3
|
@ -0,0 +1,29 @@
|
||||||
|
id: php-arcade-sqli
|
||||||
|
|
||||||
|
info:
|
||||||
|
name: PHP QUICK ARCADE 3.0.21 - SQL Injection
|
||||||
|
author: MaStErChO
|
||||||
|
severity: high
|
||||||
|
description: |
|
||||||
|
A vulnerability was found in Jcink PHP-Quick-Arcade 3.0.21 (Programming Language Software). It has been declared as critical. This vulnerability affects an unknown code of the file Arcade.php. The manipulation of the argument id with an unknown input leads to a sql injection vulnerability. The CWE definition for the vulnerability is CWE-89. The software constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component.
|
||||||
|
reference:
|
||||||
|
- https://www.exploit-db.com/exploits/29604
|
||||||
|
- https://vuldb.com/?id.53008
|
||||||
|
- https://github.com/OWASP/vbscan/
|
||||||
|
tags: arcade,sqli
|
||||||
|
|
||||||
|
http:
|
||||||
|
- method: GET
|
||||||
|
path:
|
||||||
|
- "{{BaseURL}}/arcade.php?act=Arcade&do=stats&comment=a&s_id=1'"
|
||||||
|
|
||||||
|
matchers-condition: and
|
||||||
|
matchers:
|
||||||
|
- type: word
|
||||||
|
part: body
|
||||||
|
words:
|
||||||
|
- "mySQL error"
|
||||||
|
|
||||||
|
- type: status
|
||||||
|
status:
|
||||||
|
- 200
|
|
@ -1,30 +0,0 @@
|
||||||
id: arcade-php-sql-injection
|
|
||||||
|
|
||||||
info:
|
|
||||||
name: arcade.php SQL Injection
|
|
||||||
author: MaStErChO
|
|
||||||
severity: high
|
|
||||||
description: |
|
|
||||||
The arcade.php script is vulnerable to SQL injection. By exploiting this vulnerability, an attacker can manipulate the SQL queries executed by the script, potentially gaining unauthorized access to the database.
|
|
||||||
|
|
||||||
reference:
|
|
||||||
- https://www.exploit-db.com/exploits/29604
|
|
||||||
- https://github.com/OWASP/vbscan/
|
|
||||||
|
|
||||||
|
|
||||||
http:
|
|
||||||
- method: GET
|
|
||||||
path:
|
|
||||||
- "{{BaseURL}}/arcade.php?act=Arcade&do=stats&comment=a&s_id=1'"
|
|
||||||
|
|
||||||
matchers-condition: and
|
|
||||||
matchers:
|
|
||||||
- type: word
|
|
||||||
part: body
|
|
||||||
words:
|
|
||||||
- "mySQL error"
|
|
||||||
|
|
||||||
- type: status
|
|
||||||
status:
|
|
||||||
- 200
|
|
||||||
|
|
Loading…
Reference in New Issue