PuneethReddyHC Online Shopping System homeaction.php SQL Injection
ID: CVE-2021-41649
Severity: critical
Author: daffainfo
Tags: cve2021,cve,sqli,injection,online-shopping-system-advanced_project
Description
Section titled “Description”An unauthenticated SQL injection vulnerability exists in PuneethReddyHC Online Shopping System through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input.
YAML Source
Section titled “YAML Source”id: CVE-2021-41649
info: name: PuneethReddyHC Online Shopping System homeaction.php SQL Injection author: daffainfo severity: critical description: An unauthenticated SQL injection vulnerability exists in PuneethReddyHC Online Shopping System through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input. impact: | Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized access, data leakage, or data manipulation. remediation: | Upgrade to the latest version to mitigate this vulnerability. reference: - https://github.com/MobiusBinary/CVE-2021-41649 - https://awesomeopensource.com/project/PuneethReddyHC/online-shopping-system - https://nvd.nist.gov/vuln/detail/CVE-2021-41649 - https://github.com/ARPSyndicate/cvemon - https://github.com/Offensive-Penetration-Security/OPSEC-Hall-of-fame classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2021-41649 cwe-id: CWE-89 epss-score: 0.08507 epss-percentile: 0.94431 cpe: cpe:2.3:a:online-shopping-system-advanced_project:online-shopping-system-advanced:-:*:*:*:*:*:*:* metadata: max-request: 1 vendor: online-shopping-system-advanced_project product: online-shopping-system-advanced tags: cve2021,cve,sqli,injection,online-shopping-system-advanced_project
http: - method: POST path: - "{{BaseURL}}/homeaction.php"
body: "cat_id=4'&get_seleted_Category=1"
matchers-condition: and matchers: - type: word part: header words: - "text/html"
- type: word part: body words: - "Warning: mysqli_num_rows() expects parameter 1 to be" - "xdebug-error xe-warning" condition: and
- type: status status: - 200# digest: 490a00463044022043da42f65731076d5b86d9dc270d46212fabe70fbfa28de5df68a5859dadfe0e022020853d57f7feea6faf5e0ecaeb5fedae657fc66953ac4b66f197942af8ea25d7:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/cves/2021/CVE-2021-41649.yaml"