JonhCMS 4.5.1 - SQL Injection



EKU-ID: 44804 CVE: OSVDB-ID:
Author: Besim Published: 2016-10-13 Verified: Not Verified
Download:

Rating

☆☆☆☆☆
Home 


# Exploit Title :----------------- : JonhCMS 4.5.1 - (go.php?id) - SQL Injection
# Author :------------------------ : Besim
# Google Dork :---------------- :  -
# Date :-------------------------- : 14/10/2016
# Type :-------------------------- : webapps
# Platform : -------------------- :  PHP
# Vendor Homepage :------- : -
# Software link : -------------- : http://wmscripti.com/php-scriptler/johncms-icerik-yonetim-scripti.html

############ SQL INJECTION Vulnerabilty ##############


-*-*- :  Vulnerable code----------: $req = mysql_query("SELECT * FROM `cms_ads` WHERE `id` = '$id'");
-*-*- :  Vulnerable parameter--: $id
-*-*- :  Vulnerable file------------: http://site_name/path/go.php?id=[SQL injection code]