Xinet Elegant 6 Asset Lib Web UI 6.1.655 - SQL Injection

Exploit Title: Xinet Elegant 6 Asset Lib Web UI 6.1.655 - SQL Injection Exploit author: hyp3rlinx import requests,time,re,sys,argparse NAPC Xinet Elegant 6 Asset Library v6.1.655 Pre-Auth SQL Injection 0day Exploit By hyp3rlinx ApparitionSec UPDATED: Jan 2024 for python3 TODO: add SSL support...

PT-2019-15790 · Napc Xinet · Napc Xinet Elegant 6 Asset Library

Name of the Vulnerable Software and Affected Versions: NAPC Xinet Elegant 6 Asset Library version 6.1.655 Description: The issue allows for Pre-Authentication SQL Injection via the "/elegant6/login" API endpoint, specifically through the username field in the LoginForm when double quotes are used...

Xinet Elegant 6 Asset Library Web Interface 6.1.655 SQL Injection Vulnerability

NAPC Xinet interface Elegant 6 Asset Library version 6.1.655 allows pre-authentication error-based SQL injection via the /elegant6/login LoginFormusername field when double quotes are used. + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source:...