Contrexx CMS egov Module 1.0.0 – SQL Injection

• Exploit Database
• 14 阅读

• 作者： hamidreza borghei
  日期： 2016-09-13
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/40366/

• # Exploit Title: Contrexx CMS:egov moudle SQL injection
  # Google Dork: inurl:?section=egov
  # Date: 12/9/2016
  # Exploit Author: hamidreza borghei
  # Software Link: https://www.cloudrexx.com/de/index.php?section=downloads&cmd=7&category=8
  # Version: 1.0.0
  # Tested on: linux
  
  sql injection in id parameter:
  
  http://server/index.php?section=egov&cmd=details&id=[sql query]