sqli Archives — Page 2 of 4

SQLMAP – Automated Detecting and Exploiting SQL Injection Flaws

August 28, 2020September 29, 2020 Admin

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features […]

PNPSCADA 2.200816204020 SQL Injection

August 25, 2020August 25, 2020 Admin

SugarCRM SQL Injection

August 12, 2020August 12, 2020 Admin

Daily Expenses Management System 1.0 SQL Injection

August 10, 2020 Admin

# Exploit Title: Daily Expenses Management System 1.0 – Multiple SQL Injection Vulnerabilty # Date: 2020-8-5 # Exploit Author: Edo Maland # Vendor Homepage: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html # Software Link: https://www.sourcecodester.com/php/14372/daily-tracker-system-phpmysql.html # Version: 1.0 # Tested on: […]

LayerBB Forum 1.1.1 – ‘search_query’ SQL Injection

October 4, 2018 Admin

# Exploit Title: LayerBB Forum 1.1.1 – ‘search_query’ SQL Injection # Exploit Author: Ihsan Sencan # Dork: N/A # Date: 2018-10-04 # Vendor Homepage: https://layerbb.com/ # Software Link: https://demo.layerbb.com/ # Version: 1.1.1 # Category: Webapps […]

Joomla Component JCK Editor 6.4.4 – ‘parent’ SQL Injection

September 17, 2018 Admin

# Title: Joomla Component JCK Editor 6.4.4 – ‘parent’ SQL Injection # Date: 2018-09-14 # Exploit Author: Hamza Megahed # Vendor Homepage:https://www.joomla.org/ # Download: https://arkextensions.com/products/jck-editor # Version: 6.4.4 # Tested on: Ubuntu, FireFox, # CVE: […]

SQLMAP – Automatic SQL Injection

September 7, 2018June 30, 2021 Admin

SQLMAP is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the […]

WAScan – Web Application Scanner

July 26, 2018September 30, 2020 Admin

WAScan ((W)eb (A)pplication (Scan)ner) is a Open Source web application security scanner. It is designed to find various vulnerabilities using “black-box” method, that means it won’t study the source code of web applications but will […]

HongCMS 3.0.0 SQL Injection

June 28, 2018 Admin

Exploit Title: HongCMS 3.0.0 – SQL Injection Google Dork: [if applicable] Date: 2018/06/26 Exploit Author: Hzllaga Software Link: https://github.com/Neeke/HongCMS/ Version: 3.0.0 Tested on: php5.4 mysql5 CVE : CVE-2018-12912 POC (Administrator Privilege): [su_quote] /admin/index.php/database/operate?dbaction=emptytable&tablename=hong_vvc%60%20where%20vvcid%3D1%20or%20updatexml%282%2Cconcat%280x7e%2C%28version%28%29%29%29%2C0%29%20or%20%60[/su_quote]

Joomla! Component EkRishta 2.10 – ‘cid’ SQL Injection

June 12, 2018 Admin

# # # # # Exploit Title: Joomla! Component Ek Rishta 2.10 – SQL Injection # Dork: N/A # Date: 08.06.2018 # Vendor Homepage: https://www.joomlaextensions.co.in/ # Software Link: https://extensions.joomla.org/extension/ek-rishta/ # Version: 2.10 # Tested on: […]