CVE-2022-32022 PoC — Car Rental Management System SQL注入漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-32022.yaml

Associated Vulnerability

Title:Car Rental Management System SQL注入漏洞 (CVE-2022-32022)
Description:Car Rental Management System是一个汽车租赁管理系统。 Car Rental Management System v1.0 存在安全漏洞，攻击者利用该漏洞可通过/ip/car-rental-management-system/admin/ajax.php?action=login进行SQL注入攻击。

Description

Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/ajax.php?action=login. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.

File Snapshot


 id: CVE-2022-32022

info:
  name: Car Rental Management System 1.0 - SQL Injection
  author: arafata

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!