Soinit Technology Solutions CMS & SQL Vulnerability

2024.02.18
MrHoudini (GB)
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title : Soinit Technology Solutions CMS & SQL Vulnerability
# Discovered By : MrHoudini
# Contact Me : Mr.Houdini77@Gmail.com
# Date : 14-02-2024
# Vendor : https://soinit-ts.com/

[!] Description.:
SQL injection attacks usually target the database, and all of them are the result of programming errors. If the programmer does not check the inputs correctly, the attacker can send his/her own commands to the database. If the programmer makes this error in the admin page inputs, and the inputs are not checked correctly, a very bad thing occurs: the attacker can log in to the administrator panel with a combination of passwords that turns the result to True in PHP.

Request Method : [+] POST
Vulnerable Module: [+] Login
Vulnerable Parameter: [+](username) and (Password)
==================================================
[!] Bug.........:

<?php
require_once('any.php');
if($_POST['submit'])
{
    // Both values are taken from the request without any checking.
    $user=$_POST['user'];
    $pswd=$_POST['pswd'];
    // The input is concatenated into the SQL text, so it can change the query itself.
    $result=mysql_query("select * from login where user='$user' and pswd='$pswd'");
    $rowcount=mysql_num_rows($result);
    // Any returned row counts as a successful login.
    if($rowcount>0)
    {
        header('Location:any.php');
    }
    else
    {
        echo "bad user";
    }
}
?>
==================================================
[!] Live Demo. For Admin Page :
https://makgroupindian.com/admin/
https://firecheckindia.in/admin/
https://soinit-ts.com/admin/

[!] Live Demo. For SQL Injection :
https://www.firecheckindia.in/cms.php?id=4
https://smoceanseafood.com/page.php?id=1
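A hardened counterpart of the login check shown under "Bug", as an added example that is not part of the original advisory or the vendor's code: the query uses a bound parameter and the password is checked against a stored hash instead of being compared inside the SQL. Assumptions: PDO with an in-memory SQLite database stands in for the `login` table, and the `pswd_hash` column, the function names and the sample account are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for the advisory's `login` table (assumption: the
// pswd_hash column replaces the plain pswd column used in the vulnerable code).
function open_demo_db(): PDO
{
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE login (user TEXT PRIMARY KEY, pswd_hash TEXT NOT NULL)');
    $ins = $db->prepare('INSERT INTO login (user, pswd_hash) VALUES (?, ?)');
    $ins->execute(['admin', password_hash('constructed-Passw0rd', PASSWORD_DEFAULT)]);
    return $db;
}

function check_login(PDO $db, string $user, string $pswd): bool
{
    // The SQL text is fixed; the user name is bound as data and never
    // becomes part of the statement, whatever characters it contains.
    $stmt = $db->prepare('SELECT pswd_hash FROM login WHERE user = :user');
    $stmt->execute([':user' => $user]);
    $hash = $stmt->fetchColumn();

    // For an unknown user, verify against a dummy hash so both paths do
    // comparable work, then reject regardless of the outcome.
    static $dummy = null;
    $dummy ??= password_hash('dummy-value', PASSWORD_DEFAULT);
    $matches = password_verify($pswd, is_string($hash) ? $hash : $dummy);

    return is_string($hash) && $matches;
}

// Constructed sample inputs: a valid login, a wrong password, and values
// containing quote characters, which are treated as plain data.
$db = open_demo_db();
$cases = [
    ['admin', 'constructed-Passw0rd'],
    ['admin', 'wrong-password'],
    ["ad'min", "pass'word"],
];
foreach ($cases as [$u, $p]) {
    $verdict = check_login($db, $u, $p) ? 'accepted' : 'rejected';
    printf("%-10s %-22s => %s\n", $u, $p, $verdict);
}
```

The `mysql_*` functions used in the vulnerable snippet were removed in PHP 7; PDO or mysqli prepared statements are the supported replacements.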


Copyright 2024, cxsecurity.com

 
