8 matches found
HongCMS 3.0.0 - SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: HongCMS 3.0.0 - SQL Injection Google Dork: if applicable Exploit Author: Hzllaga Vendor Homepage: https://github.com/Neeke/HongCMS/ Software Link: https://github.com/Neeke/HongCMS/ Version: 3.0.0 Tested on: php5.4 mysql5 CVE :...
HongCMS 3.0.0 SQL Injection
Exploit Title: HongCMS 3.0.0 - SQL Injection Google Dork: if applicable Date: 2018/06/26 Exploit Author: Hzllaga Vendor Homepage: https://github.com/Neeke/HongCMS/ Software Link: https://github.com/Neeke/HongCMS/ Version: 3.0.0 Tested on: php5.4 mysql5 CVE : CVE-2018-12912 POC Administrator...
HongCMS 3.0.0 - (Authenticated) SQL Injection
Exploit Title: HongCMS 3.0.0 - SQL Injection Google Dork: if applicable Date: 2018/06/26 Exploit Author: Hzllaga Vendor Homepage: https://github.com/Neeke/HongCMS/ Software Link: https://github.com/Neeke/HongCMS/ Version: 3.0.0 Tested on: php5.4 mysql5 CVE : CVE-2018-12912 POC Administrator...
HongCMS 3.0.0 - (Authenticated) SQL Injection
HongCMS 3.0.0 - Authenticated SQL Injection Exploit Title: HongCMS 3.0.0 - SQL Injection Google Dork: if applicable Date: 2018/06/26 Exploit Author: Hzllaga Vendor Homepage: https://github.com/Neeke/HongCMS/ Software Link: https://github.com/Neeke/HongCMS/ Version: 3.0.0 Tested on: php5.4 mysql5...
CVE-2018-12912
creationtimestamp| type| source ---|---|--- 2018-06-28 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/44953...
CVE-2018-12912
An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI...
CVE-2018-12912
An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI...
CVE-2018-12912
HongCMS 3.0.0 contains a SQL Injection vulnerability in admin/controllers/database.php, exploitable via the request admin/index.php/database/operate?dbaction=emptytable&tablename= (URI). Public exploit/activity references show an authenticated/remote-exploit path using this parameter to inject SQ...