@tonykuo76
Last active March 25, 2021 02:43
EXCELLENT INFOTEK BiYan Pre-Auth SQL Injection

Current Description

EXCELLENT INFOTEK BiYan v2.9~v3.0 has a SQL injection vulnerability that allows execution of arbitrary SQL commands via the <LOGIN_ID> parameter without authentication. Any user who can access the page can execute the SQL commands. This vulnerability affects many government and corporate systems.

Details

The injection point is the <LOGIN_ID> parameter in "query_user_data.aspx".

It allows remote attackers to execute arbitrary SQL commands via the <LOGIN_ID> parameter without authentication.

Remote attackers can gain unauthorized access to data such as users' accounts and passwords. Once they have access to a victim's account, remote attackers can modify the password. This compromises the confidentiality, integrity and availability of data and the system.

Description

Remote attackers can execute arbitrary SQL commands without authentication.

Affected files

http://[Target Domain]/kw/docn/asp/query_user_data.aspx
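
To check whether the affected page has been probed, a defender can review web server logs for abnormal LOGIN_ID values. The following is an added example, not part of the original advisory or the vendor's code: it scans constructed IIS-style log lines for requests to the affected page whose LOGIN_ID falls outside an allow-list. It assumes the parameter is visible in the query string and that legitimate login IDs contain only letters, digits and `. _ @ -`; the function name and sample lines are hypothetical.

```python
import re
from urllib.parse import parse_qs

AFFECTED_PATH = "/kw/docn/asp/query_user_data.aspx"  # path from the advisory
# Assumption: legitimate login IDs use only these characters (1-64 long).
SAFE_LOGIN_ID = re.compile(r"[A-Za-z0-9._@-]{1,64}")

# Constructed sample log (not real traffic), W3C extended format.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2021-03-20 08:01:12 GET /kw/docn/asp/query_user_data.aspx LOGIN_ID=alice.wu 192.0.2.10 200
2021-03-20 08:02:40 GET /kw/docn/asp/query_user_data.aspx LOGIN_ID=x%27+OR+%271%27%3D%271 198.51.100.7 200
2021-03-20 08:03:05 GET /kw/docn/asp/Query_User_Data.aspx login_id=bob%27%3B-- 198.51.100.7 500
2021-03-20 08:04:00 GET /kw/docn/asp/other.aspx LOGIN_ID=x%27 192.0.2.11 200
"""


def suspicious_requests(log_text):
    """Return (timestamp, client_ip, decoded LOGIN_ID) for each request to the
    affected page whose LOGIN_ID value is outside the allow-list."""
    hits = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue  # skip blanks and W3C header directives
        fields = line.split()
        if len(fields) != 7:
            continue  # skip lines that do not match the expected layout
        date, time, _method, stem, query, client_ip, _status = fields
        # IIS treats paths case-insensitively, so compare in lower case.
        if stem.lower() != AFFECTED_PATH:
            continue
        # parse_qs URL-decodes values, so encoded quotes are seen as quotes.
        for name, values in parse_qs(query, keep_blank_values=True).items():
            if name.lower() != "login_id":
                continue
            for value in values:
                if not SAFE_LOGIN_ID.fullmatch(value):
                    hits.append((f"{date} {time}", client_ip, value))
    return hits


if __name__ == "__main__":
    for when, ip, value in suspicious_requests(SAMPLE_LOG):
        print(when, ip, repr(value))
```

If the application sends LOGIN_ID in a request body rather than the query string, the same allow-list check applies but needs a log source that captures the body, such as a WAF or reverse proxy.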

Contributor

  • Tony Kuo (CHT Security)