Continuing with the hunt on Sourcecodester Simple Cashiering System (POS), I also found multiple SQL injections.
- Vulnerable URL: http://localhost/cashiering/?page=pos
- Affected field: Product Code
- Payload: ' or '1
It lists all the products.
- Vulnerable URL: http://localhost/cashiering/manage_products.php?id=1
- Affected field: id
- Payload: some SQLite3 injection
This one does not require authentication.
- Vulnerable URL: POST http://localhost/cashiering/actions.php?a=searh_prod
- Affected parameter: t
- Payload: some SQLite3 injection
All these bugs allow retrieving all the data from the DB.
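To show why the Product Code payload above returns the whole product list, and what the fix looks like, here is an added example (not code from the cashiering system): a constructed SQLite table with hypothetical column names, the same lookup written with string concatenation and with a bound parameter, and the `' or '1` value run through both.

```python
import sqlite3

# Constructed sample rows standing in for the POS product table
# (table and column names are assumptions, not the application's own).
PRODUCTS = [
    ("P001", "Milk", 1.50),
    ("P002", "Bread", 2.25),
    ("P003", "Coffee", 7.80),
]

# The payload from the write-up for the Product Code field.
PAYLOAD = "' or '1"


def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (code TEXT, name TEXT, price REAL)")
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)", PRODUCTS)
    return conn


def lookup_vulnerable(conn, code):
    # The field value is pasted into the SQL text, so quotes in it
    # end the string literal and the rest is parsed as SQL:
    #   WHERE code = '' or '1'   -> '1' is truthy, every row matches.
    sql = "SELECT code, name, price FROM products WHERE code = '" + code + "'"
    return conn.execute(sql).fetchall()


def lookup_parameterized(conn, code):
    # The value is bound separately and never parsed as SQL, so the same
    # input is compared literally against the code column and matches nothing.
    sql = "SELECT code, name, price FROM products WHERE code = ?"
    return conn.execute(sql, (code,)).fetchall()


def demo():
    conn = make_db()
    return {
        "normal": lookup_vulnerable(conn, "P002"),
        "vulnerable_with_payload": lookup_vulnerable(conn, PAYLOAD),
        "parameterized_with_payload": lookup_parameterized(conn, PAYLOAD),
    }


if __name__ == "__main__":
    for label, rows in demo().items():
        print(label, rows)
```

A lookup on a unique product code that returns more than one row is itself a cheap runtime signal that the query text was altered.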