Advertisement






School ERP Ultimate 2018 - 'fid' SQL Injection

CVE Category Price Severity
CVE-2018-039 CWE-89 $1000 High
Author Risk Exploitation Type Date
Unknown High Remote 2020-05-17
CPE
cpe:cpe:/a:school-erp-ultimate:2018:039:fid:039
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2020050135

Below is a copy:

School ERP Ultimate 2018 - 'fid' SQL Injection
###############################################################
# Title : School ERP Ultimate 2018 - 'fid' SQL Injection
# Author : Milad Karimi
# Vendor : http://freeschoolerp.com/
# Date: 2020.05.14
# Category : webapps
# Version: 1.0
# CVE : CWE-89
# Tasted on : Win 10 , Kali linux
# Dork : N/A
###############################################################

#####################################################
demo ==> http://localhost/[PATH]/student_staff/?pid=54&action=staff_timetable&fid=[SQL]
#####################################################

************************
* ==> Contact Me :
* Telegram : @Ex3ptionaL
* Email : [email protected] Email: [email protected]
* Instagram : @m.i.l.a.d_._k.a.r.i.m.i
************************ 

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.