Snitz Forum v1.0 – Blind SQL Injection

Exploit Database
15 阅读

作者： Emiliano Febbi

日期： 2023-04-07
类别：
- webapps
平台：
- asp
来源：https://www.exploit-db.com/exploits/51323/

# Exploit Title: Snitz Forum v1.0 - Blind SQL Injection
# Date: 13/03/2023
# Exploit Author: Emiliano Febbi
# Vendor Homepage: https://forum.snitz.com/
# Software Link: https://sourceforge.net/projects/sf2k/files/
# Version: ALL VERSION
# Tested on: Windows 10 

[code]
._ _______.
*/ ///______I
) . /_(_)
/__/ *0day PoC*


http://www.site.com/forum/cal.asp?date=25/03/2023 <= SQLi ???

http://www.site.com/forum/log.asp?log_id=3456 <= Blind SQLi #!WORK!#

._________.
*/ ///______I
) . /_(_)
/__/*0day PoC End*
[/code]

last Exploits
Snitz Forum v1.0 – Blind SQL Injection的更多信息

Free Blog 1.0 – Multiple Vulnerabilities：
Avantune Genialcloud ProJ 10 – Cross-Site Scripting (XSS)：
WordPress Plugin Wechat Broadcast 1.2.0 – Local File Inclusion：
Affiliate MLM Script 1.0 – ‘product-category.php?key’ SQL Injection：
Joomla! Component education – SQL Injection：
Rayzz Photoz – Arbitrary File Upload：
WordPress Plugin Js-appointment 1.5 – SQL Injection：
Uploader by CeleronDude 5.3.0 – Arbitrary File Upload (2)：