bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/26307.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

12 lines
No EOL
737 B
Text
Raw Blame History

source: https://www.securityfocus.com/bid/14976/info
lucidCMS is prone to to an SQL injection vulnerability.
Successful exploitation could result in a compromise of the application, disclosure or modification of data, or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
Ultimately an attacker could exploit this vulnerability to gain administrative privileges. This could facilitate a compromise of the underlying system; other attacks are also possible.
The following proof of concept demonstrates data to be entered into the login and password fields of the login page:
login: 'UNION(SELECT'1','admin','admin','FAKE@example.com','d41d8cd98f00b204e9800998ecf8427e','1')/*
pass: [nothing]
Reference in a new issue View git blame Copy permalink