bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/webapps/49150.txt
Offensive Security 0ffa4d35c4 DB: 2020-12-03 
32 changes to exploits/shellcodes

aSc TimeTables 2021.6.2 - Denial of Service (PoC)
IDT PC Audio 1.0.6433.0 - 'STacSV' Unquoted Service Path
Microsoft Windows - Win32k Elevation of Privilege
Ksix Zigbee Devices - Playback Protection Bypass (PoC)
Mitel mitel-cs018 - Call Data Information Disclosure
Expense Management System - 'description' Stored Cross Site Scripting
ILIAS Learning Management System 4.3 - SSRF
Pharmacy Store Management System 1.0 - 'id' SQL Injection
Under Construction Page with CPanel 1.0 - SQL injection
EgavilanMedia User Registration & Login System with Admin Panel 1.0 - CSRF
Student Result Management System 1.0 - Authentication Bypass SQL Injection
EgavilanMedia User Registration & Login System with Admin Panel 1.0 - Stored Cross Site Scripting
WonderCMS 3.1.3 - Authenticated SSRF to Remote Remote Code Execution
WonderCMS 3.1.3 - Authenticated Remote Code Execution
PRTG Network Monitor 20.4.63.1412 - 'maps' Stored XSS
Online Voting System Project in PHP - 'username' Persistent Cross-Site Scripting
NewsLister - Authenticated Persistent Cross-Site Scripting
Bakeshop Online Ordering System 1.0 - 'Owner' Persistent Cross-site scripting
Online News Portal System 1.0 - 'Title' Stored Cross Site Scripting
Local Service Search Engine Management System 1.0 - SQLi Authentication Bypass
WonderCMS 3.1.3 - 'Menu' Persistent Cross-Site Scripting
Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Add Artwork
Artworks Gallery 1.0 - Arbitrary File Upload RCE (Authenticated) via Edit Profile
DotCMS 20.11 - Stored Cross-Site Scripting
WebDamn User Registration & Login System with User Panel - SQLi Auth Bypass
ChurchCRM 4.2.0 - CSV/Formula Injection
ChurchCRM 4.2.1 - Persistent Cross Site Scripting (XSS)
Anuko Time Tracker 1.19.23.5311 - No rate Limit on Password Reset functionality
Anuko Time Tracker 1.19.23.5311 - Password Reset leading to Account Takeover
Simple College Website 1.0 - 'page' Local File Inclusion
Car Rental Management System 1.0 - SQL Injection / Local File include
WordPress Plugin Wp-FileManager 6.8 - RCE
2020-12-03 05:01:56 +00:00

26 lines
No EOL
967 B
Text
Raw Blame History

# Exploit Title: Under Construction Page with CPanel 1.0 - SQL injection
# Date: 17-11-2020
# Exploit Author: Mayur Parmar(th3cyb3rc0p)
# Vendor Homepage: http://egavilanmedia.com
# Software Link : http://egavilanmedia.com/under-construction-page-with-cpanel/
# Version: 1.0
# Tested on: PopOS
SQL Injection:
SQL injection is a web security vulnerability that allows an attacker
to alter the SQL queries made to the database. This can be used to
retrieve some sensitive information, like database structure, tables,
columns, and their underlying data.
Attack Vector:
An attacker can gain admin panel access using malicious sql injection queries.
Steps to reproduce:
1. Open admin login page using following URl:
-> http://localhost/Under%20Construction/admin/login.php
2. Now put below Payload in both the fields( User ID & Password)
Payload: admin' or '1'='1
3. Server accepted our payload and we bypassed cpanel without any
credentials
Reference in a new issue View git blame Copy permalink