cve/CVE-2020-36112.md at 7482ec4521a75dd13882dc1283f17009c936e974

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-28 01:04:30 +00:00

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

CSE Bookstore version 1.0 is vulnerable to time-based blind, boolean-based blind and OR error-based SQL injection in pubid parameter in bookPerPub.php and in cart.php. A successful exploitation of this vulnerability will lead to an attacker dumping the entire database on which the web application is running.

POC

Reference

https://www.exploit-db.com/exploits/49314
https://www.exploit-db.com/exploits/49314

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/ARPSyndicate/kenzer-templates
https://github.com/Elsfa7-110/kenzer-templates
https://github.com/StarCrossPortal/scalpel
https://github.com/anonymous364872/Rapier_Tool
https://github.com/apif-review/APIF_tool_2024
https://github.com/d4n-sec/d4n-sec.github.io
https://github.com/youcans896768/APIV_Tool

1.1 KiB Raw Blame History

CVE-2020-36112

Description

POC

Reference

Github

1.1 KiB

Raw Blame History