Skip to content
Nuclei Templates

PuneethReddyHC action.php SQL Injection

ID: CVE-2021-41648

Severity: high

Author: daffainfo

Tags: cve2021,cve,sqli,packetstorm,online-shopping-system-advanced_project

Description

Section titled “Description”

An unauthenticated SQL injection vulnerability exists in PuneethReddyHC Online Shopping through the /action.php prId parameter. Using a post request does not sanitize the user input.

YAML Source

Section titled “YAML Source”
id: CVE-2021-41648


info:
  name: PuneethReddyHC action.php SQL Injection
  author: daffainfo
  severity: high
  description: An unauthenticated SQL injection vulnerability exists in PuneethReddyHC Online Shopping through the /action.php prId parameter. Using a post request does not sanitize the user input.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized access, data leakage, or data manipulation.
  remediation: |
    Upgrade to the latest version to mitigate this vulnerability.
  reference:
    - https://github.com/MobiusBinary/CVE-2021-41648
    - https://awesomeopensource.com/project/PuneethReddyHC/online-shopping-system
    - https://nvd.nist.gov/vuln/detail/CVE-2021-41649
    - http://packetstormsecurity.com/files/165036/PuneethReddyHC-Online-Shopping-System-Advanced-1.0-SQL-Injection.html
    - https://github.com/nu11secur1ty/Windows10Exploits
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2021-41648
    cwe-id: CWE-89
    epss-score: 0.05423
    epss-percentile: 0.93138
    cpe: cpe:2.3:a:online-shopping-system-advanced_project:online-shopping-system-advanced:-:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: online-shopping-system-advanced_project
    product: online-shopping-system-advanced
  tags: cve2021,cve,sqli,packetstorm,online-shopping-system-advanced_project


http:
  - method: POST
    path:
      - "{{BaseURL}}/action.php"


    body: "proId=1'&addToCart=1"


    matchers-condition: and
    matchers:
      - type: word
        part: header
        words:
          - "text/html"


      - type: word
        part: body
        words:
          - "Warning: mysqli_num_rows() expects parameter 1 to be"
          - "xdebug-error xe-warning"
        condition: and


      - type: status
        status:
          - 200
# digest: 4a0a0047304502210090129244e6a30ae929f74ac34dbeefc3d88c326acf6270a58e2040518f1d3d8d02205e99b6c17bc70f52bb59e2c519589a592a7c91c37891352dce18b663f3038d27:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-41648.yaml"

View on Github