青果教务系统 /xsweb/pub/temp.aspx nj参数SQL注入漏洞

存在漏洞的文件：/xsweb/pub/temp.aspx?type=ajax&fellowXh=wooyun 该系统有waf的防御，只需要使用--tamper参数即可绕过，继续注入 sqlmap.py -u "http://stu.gxufe.cn/xsweb/pub/temp.aspx?type=menu&nj=wooyun" --tamper "equaltolike.py" --dbms mssql...

用友NC综合办公系统 /epp/html/nodes/upload/SupdocDo.jsp SQL注入漏洞

用友NC综合办公系统SQL注入漏洞，可同时影响多个办公系统HR资源管理系统、UFO报表系统等的数据库 注入链接：/epp/detail/publishinfomore.jsp?pkinfotype= 注入参数：pkinfotype 必须先访问/epp/index.jsp后产生cookie才能进行SQL注入 测试案例： http://nc.xhlbdc.com 访问首页产生cookie： http://nc.xhlbdc.com/epp/index.jsp...

SunshineCRM v1 /general/ERP/LOGIN/logincheck.php SQL注入漏洞

（0day）郑州单点科技软件有限公司开发的开源软件SunShineCRMv1版存在SQL注入漏洞漏洞分析过程如下：1、 源码分析： SunShineCRM系统登录页面index.php的POST表单action跳转到logincheck.php页面 Logincheck.php页面负责对登录的用户名和密码进行验证，虽然有校验特殊字符的代码，但却并 未过滤和转义这些特殊字符2、 POC过程： 首先检测注入是否存在 然后使用SQLMAP探测目标数据库信息，默认数据库mysql和CRM系统数据库crmmarket sqlmap-u...

Joomla vnmshop组件（插件）注入漏洞

Exploit Title: Joomla vnmshop组件（插件）注入漏洞 Google Dork: inurl:option=comvnmshop（61,800） Version: all version link vuln: site.com/index.php?option=comvnmshop&Itemid=211&catid=78%27 sqlmap -u "http://xxx/index.php?option=comvnmshop&Itemid=211&catid=78" --dbs ! legal disclaimer: Usage of sqlmap for...

Pligg CMS 2.0.2 - (load_data_for_search.php) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Pligg CMS 2.0.2 SQL injection Date: 29-08-2015 Exploit Author: jsass Vendor Homepage: http://pligg.com Software Link: https://github.com/Pligg/pligg-cms/archive/2.0.2.zip Version: 2.0.2 Tested on: kali sana 2.0 Q8 Gray Hat Team...

Pligg CMS 2.0.2 - 'load_data_for_search.php' SQL Injection

Exploit Title: Pligg CMS 2.0.2 SQL injection Date: 29-08-2015 Exploit Author: jsass Vendor Homepage: http://pligg.com Software Link: https://github.com/Pligg/pligg-cms/archive/2.0.2.zip Version: 2.0.2 Tested on: kali sana 2.0 Q8 Gray Hat Team SQLInjection File : loaddataforsearch.php $search = ne...

Pligg CMS 2.0.2 - load_data_for_search.php SQL Injection

Pligg CMS 2.0.2 - loaddataforsearch.php SQL Injection Exploit Title: Pligg CMS 2.0.2 SQL injection Date: 29-08-2015 Exploit Author: jsass Vendor Homepage: http://pligg.com Software Link: https://github.com/Pligg/pligg-cms/archive/2.0.2.zip Version: 2.0.2 Tested on: kali sana 2.0 Q8 Gray Hat Team...

WordPress Plugin CP Reservation Calendar 1.1.6 - SQL Injection

WordPress Plugin CP Reservation Calendar 1.1.6 - SQL Injection Exploit Title: WordPress: cp-reservation-calendar 1.1.6 SQLi injection Date: 2015-09-15 Google Dork: Index of /wp-content/plugins/cp-reservation-calendar/ Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Software Link:...

Synology Video Station 1.5-0757 - Multiple Vulnerabilities

------------------------------------------------------------------------ Synology Video Station command injection and multiple SQL injection vulnerabilities ------------------------------------------------------------------------ Han Sahin, September 2015...

Cyberoam - Blind SQL Injection

Description The username field in the captive portal of Cyberoam NG firewall is vulnerable to SQL Injection and can be exploited to execute sql commands on the database. The username field is vulnerable to the following types of SQL Injections a Boolean-based blind sql injection b Stacked...

Cyberoam Firewall CR500iNG-XP 10.6.2 MR-1 - Blind SQL Injection

Cyberoam Firewall CR500iNG-XP 10.6.2 MR-1 - Blind SQL Injection Exploit Title: Cyberoam : Blind SQL Injection Date: 31/Aug/2015 Exploit Author: Dharmendra Kumar Singh Contact: [email protected] Vendor Homepage: http://www.cyberoam.com Software Link: http://www.cyberoam.com/NGFW/ Version:...

ResourceSpace CMS 7.3.7009 SQL Injection Vulnerability

ResourceSpace CMS versions 7.3.7009 and below suffer from a remote SQL injection vulnerability. Title: Blind boolean sql injection vulnerability in ResourceSpace CMS Author: William F. Reyor III Contact: email protected Published: August 22 2015 Vendor: Montala Limited Vendor url:...

AN IT CMS - SQL Injection Vulnerability

========================================================== + Title :- WAN IT CMS - SQL Injection Vulnerability + Date :- 23 - July - 2015 + Vendor Homepage :- http://www.wanitltd.com/ + Version :- All Versions + Tested on :- Nginx/1.4.5, PHP/5.2.17, Linux - Windows + Category :- webapps + Google...

MSCorp CMS - SQL Injection Vulnerability

Exploit for php platform in category web applications ========================================================= + Title :- MSCorp CMS - SQL Injection Vulnerability + Date :- 7 - Aug - 2015 + Vendor Homepage :- http://www.mscorp.co.in/ + Version :- All Versions + Tested on :- Nginx/1.4.5,...

某学位论文提交系统通用SQL注入

简要描述： 详细说明： 某学位论文提交系统通用SQL注入。 案例： http://...:8001/paper/submit1.jsp ...:8001/paper/submit1.jsp http://...:8080/paper/submit1.jsp ...:8001/paper/submit1.jsp http://...:8001/paper/submit1.jsp 漏洞证明： 注入证明：（POST） 例：http://...:8001/paper/submit1.jsp 单引号输出报错 POST数据 POST /papercon HTTP/1.1 Accept:...

青果教务系统高危无限制注射(影响海量学校)

简要描述： 这么严重的SQL注射；青果会来确认吗？ 详细说明： 青果某系统存在无限制SQL注射；居然没有见到传说中的WAF拦截；并且大部分可以使用SQLMAP自动化注入测试工具进行测试；并且均为DBA权限；危害极大！ SQL Injection： /data/indexLOGIN.aspx 学生登录时UserID参数存在SQL注射漏洞 Case: 99%以上都是存在该漏洞；我想我该Mask一下保护这些学生！审核员你说呢？ 手工 1、...

SQLMAP-Web-GUI - Web GUI to drive near full functionality of SQLMAP

PHP Frontend to work with the SQLMAP JSON API Server sqlmapapi.py to allow for a Web GUI to drive near full functionality of SQLMAP! Here is a few quick videos to show that almost all of your usual SQLMAP command line functionality is still possible via this Web GUI. Demo against: Windows 2003...

SQLMap Web Front End

PHP Front end to work with the SQLMAP JSON API Server sqlmapapi.py to allow for a Web GUI to drive near full functionality of SQLMAP! Windows 2003 Server, IIS/6.0 + ASP + MS-SQL 2005 SQLMap Web GUI Requirements: Linux, Apache, PHP check your favorite distro’s wiki or forum pages, or use google PH...

Web Security Dojo

Web Security Dojo is a preconfigured, stand-alone training environment for Web Application Security. Virtualbox and VMware versions are available for download. Dojo is an open source project intended to be used as a training environment, and shouldn’t be used as a pen-testing platform due to the...

Why Web Developments SQL Injection

========================================================= + Title :- Why Web Developments CMS - SQL Injection Vulnerability + Date :- 19 - June - 2015 + Vendor Homepage: :- http://www.whyweb.co.za/ + Version :- All Versions + Tested on :- Nginx/1.4.5, PHP/5.2.17, Linux - Windows + Category :-...