# CVE-2023-41507
CVE-2023-41507 - Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and lng parameters.
## Vulnerability Type
SQL Injection
## Vendor of Product
[Super Store Finder](https://superstorefinder.net/)
## Affected Product Code Base
Super Store Finder - Affected version 3.6 or below. Fixed in version 3.7
## CVSS v3.1 Vector (Base Score)
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (10.0)
## Affected Component
Affected backend DBMS
## Attack Type
Remote
## Impact
Information Disclosure
## Attack Vectors
The four parameters products, distance, lat and lng in the HTTP POST request are vulnerable to SQL injection; no user interaction is required.
**Screenshot of the indicator of error-based SQL injection**

**Screenshot of the Proof-of-Concept to extract the users table using SQLMap**

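The fix for this class of bug is to type-check the four locator parameters and bind them as query placeholders instead of concatenating them into SQL. The following is an added example, not Super Store Finder's own code: it assumes a SQLite backend, a hypothetical `stores` / `store_products` schema, a distance unit of kilometres, and constructed sample rows.

```python
import math
import sqlite3

# Assumed layout (not Super Store Finder's schema): a stores table plus a store/product
# join table. The rows below are constructed for the demo.
STORES = [(1, "Downtown", 37.7749, -122.4194), (2, "Airport", 37.6213, -122.3790),
          (3, "Oakland", 37.8044, -122.2712)]
STORE_PRODUCTS = [(1, 1), (1, 2), (2, 2), (3, 3)]


def haversine_km(lat1, lng1, lat2, lng2):
    """Great-circle distance in kilometres (the unit is an assumption of this example)."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lng2 - lng1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(a))


def build_demo_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE stores (id INTEGER PRIMARY KEY, name TEXT, lat REAL, lng REAL)")
    conn.execute("CREATE TABLE store_products (store_id INTEGER, product_id INTEGER)")
    conn.executemany("INSERT INTO stores VALUES (?, ?, ?, ?)", STORES)
    conn.executemany("INSERT INTO store_products VALUES (?, ?)", STORE_PRODUCTS)
    conn.create_function("haversine_km", 4, haversine_km)
    return conn


def validate_locator_params(form):
    """Coerce lat, lng, distance and products to typed values before any SQL is built.
    Anything that is not a number or a comma-separated list of integers raises ValueError."""
    lat, lng, distance = float(form["lat"]), float(form["lng"]), float(form["distance"])
    if not (-90 <= lat <= 90 and -180 <= lng <= 180 and 0 < distance <= 20000):
        raise ValueError("coordinate or distance out of range")
    products = [int(p) for p in form.get("products", "").split(",") if p.strip()]
    return lat, lng, distance, products


def find_stores(conn, form):
    """Store lookup with every user value bound through a placeholder; only the
    number of placeholders for the product list is generated dynamically."""
    lat, lng, distance, products = validate_locator_params(form)
    sql = "SELECT id FROM stores WHERE haversine_km(lat, lng, ?, ?) <= ?"
    args = [lat, lng, distance]
    if products:
        marks = ",".join("?" * len(products))
        sql += f" AND id IN (SELECT store_id FROM store_products WHERE product_id IN ({marks}))"
        args += products
    return [row[0] for row in conn.execute(sql + " ORDER BY id", args)]
```

Validation rejects a tampered parameter before it reaches the database, and because the values travel as bound parameters, the query text itself never changes with user input.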
## Patch Notes
[https://superstorefinder.net/support/forums/topic/super-store-finder-patch-notes/](https://superstorefinder.net/support/forums/topic/super-store-finder-patch-notes/)