surena CMS Travel SQL injection

2020.07.23
ir Avanter (IR) ir
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

#Exploit Title : surena CMS Travel SQL injection #Date : 22-7-2020 #Google Dork : inurl:php?id= intext:تمام حقوق مادی و معنوی این سایت متعلق به سورنا میباشد #Exploit Author : Avanter & ITH Team #Vendor Homepage : http://surena3d.com #Tested on : Windows 8 #CVEs : N/A .:: Descreption ::. A programming error caused a malicious file to be infected with a SQLI error .:: PoC ::. 1 : Find Your target with Dork 2 : Find And test the Target With ' 3 : Injection With SQLmap Or other softwares :) .:: Discovered by ::. Avanter


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top