Jump to content

Webrun - 'P_0' SQL Injection

This CHT

Recommended Posts

  • Group:  The leader of the
  • Content Count:  4,798
  • Achievement Points:  31,700
  • With Us For:  233 Days
  • Status:  Offline
  • Last Seen:  
  • Device:  Windows

# Exploit Title: Webrun - 'P_0' SQL Injection
# Google Dork: intitle:"Webrun"
# Date: 23/11/2021
# Exploit Author: Vinicius Alves
# Vendor Homepage: https://softwell.com.br/
# Version:
# Tested on: Kali Linux 2021.3
# CVE: CVE-2021-43650

=-=-=-= Description =-=-=-=

Webrun version is vulnerable to SQL Injection, applied to the P_0
parameter used to set the username during the login process.

=-=-=-= Exploiting =-=-=-=

In the post request, change the P_0 value to the following payload:

You will see some information like below:

interactionError('ERRO: sintaxe de entrada é inválida para tipo numeric:
\"qvvxq1qbzbq\"', null, null, null, '<b>

=-=-=-= POC =-=-=-=

If the return has the value 'qvvxq1qbzbq', you will be able to successfully
exploit this.

See an example of the complete POST parameter:

Link to comment
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...