Goby/json/ECShop-2.x_3.x-sqli.json

{
  "Name": "ECShop 2.x_3.x sqli",
  "Level": "3",
  "Tags": [
    "SQL Injection",
    "RCE"
  ],
  "GobyQuery": "app=\"ECShop\"",
  "Description": "ECShop is a B2C independent online store system, suitable for enterprises and individuals to quickly build personalized online stores. The system is a cross-platform open source program developed based on PHP language and MYSQL database framework. In its 2017 and previous versions, there is a SQL injection vulnerability, through which malicious data can be injected, which eventually leads to arbitrary code execution vulnerabilities",
  "Product": "ECShop",
  "Homepage": "https://www.ecshop.com/",
  "Author": "sharecast.net@gmail.com",
  "Impact": "<p>It can lead to data leakage<br></p>",
  "Recommandation": "<p>undefined</p>",
  "References": [
    "https://github.com/vulhub/vulhub/blob/master/ecshop/xianzhi-2017-02-82239600/README.zh-cn.md"
  ],
  "HasExp": true,
  "ExpParams": [
    {
      "name": "cmd",
      "type": "input",
      "value": "echo md5(2);"
    }
  ],
  "ExpTips": {
    "Type": "",
    "Content": ""
  },
  "ScanSteps": [
    "AND",
    {
      "Request": {
        "data": "",
        "data_type": "text",
        "follow_redirect": true,
        "method": "GET",
        "uri": "/"
      },
      "ResponseTest": {
        "checks": [
          {
            "bz": "",
            "operation": "==",
            "type": "item",
            "value": "200",
            "variable": "$code"
          }
        ],
        "operation": "AND",
        "type": "group"
      }
    }
  ],
  "ExploitSteps": null,
  "Tags": null,
  "CVEIDs": null,
  "CVSSScore": "0.0",
  "AttackSurfaces": {
    "Application": ["ECShop"],
    "Support": null,
    "Service": null,
    "System": null,
    "Hardware": null
  }
}