
zzcms 8.3 SQL injection

CMS

zzcms v8.3 http://www.zzcms.net/

Vulnerability details

Position: the $ip parameter in /user/logincheck.php (line 21). $ip is obtained from getip(), which is defined in /inc/function.php. getip() applies no security filtering to its input, so SQL injection is possible by supplying a crafted X-Forwarded-For header.

POC

X-Forwarded-For:127.0.0.1' or (select * from (select sleep(2))b)#
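The report above describes two defects: getip() trusts the X-Forwarded-For header without validating it, and the resulting value reaches a SQL statement unparameterised. The following is an added example, not zzcms code, showing how both are closed in PHP. It assumes the original getip() reads $_SERVER['HTTP_X_FORWARDED_FOR'] and that logincheck.php concatenates the value into a query; the table and column names (zz_user, lastip, id) are hypothetical.

```php
<?php
// Added example (not zzcms code): a hardened IP helper plus a parameterised
// query, closing the two weaknesses described in the advisory above.
// Assumes the original getip() trusts HTTP_X_FORWARDED_FOR and that the
// value is concatenated into SQL; table/column names are hypothetical.

/**
 * Return a validated client IP address.
 * Proxy headers are only consulted when the TCP peer is a trusted proxy,
 * and only a syntactically valid IP is accepted; otherwise REMOTE_ADDR wins.
 */
function getip_safe(array $server, array $trustedProxies = []): string
{
    $remote = $server['REMOTE_ADDR'] ?? '0.0.0.0';

    if (in_array($remote, $trustedProxies, true)
        && !empty($server['HTTP_X_FORWARDED_FOR'])) {
        // X-Forwarded-For may be a comma-separated chain; the left-most
        // entry is the original client as reported by the first proxy.
        $candidate = trim(explode(',', $server['HTTP_X_FORWARDED_FOR'])[0]);
        if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
            return $candidate;
        }
        // Anything that is not an IP literal (e.g. a quote-laden payload)
        // falls through and is discarded.
    }

    // Fall back to the socket peer address, validated the same way.
    return filter_var($remote, FILTER_VALIDATE_IP) !== false ? $remote : '0.0.0.0';
}

/**
 * Hypothetical replacement for the vulnerable write in logincheck.php:
 * the IP is bound as a parameter, so even a value that somehow bypassed
 * validation cannot alter the SQL structure.
 */
function recordLoginIp(mysqli $db, int $userId, string $ip): bool
{
    $stmt = $db->prepare('UPDATE zz_user SET lastip = ? WHERE id = ?');
    if ($stmt === false) {
        return false;
    }
    $stmt->bind_param('si', $ip, $userId);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Constructed request mirroring the PoC header above (no database needed
// for this part). The peer 203.0.113.5 is listed as a trusted proxy so the
// header is actually consulted.
$constructedServer = [
    'REMOTE_ADDR'          => '203.0.113.5',
    'HTTP_X_FORWARDED_FOR' => "127.0.0.1' or (select * from (select sleep(2))b)#",
];
echo getip_safe($constructedServer, ['203.0.113.5']), PHP_EOL;

// A well-formed forwarded chain from the same trusted proxy.
$constructedServer['HTTP_X_FORWARDED_FOR'] = '198.51.100.7, 203.0.113.5';
echo getip_safe($constructedServer, ['203.0.113.5']), PHP_EOL;
```

Run stand-alone, the first echo prints the peer address because the injected header fails FILTER_VALIDATE_IP, and the second prints 198.51.100.7, the left-most entry of the chain. The trusted-proxy list matters: if X-Forwarded-For is honoured from any peer, a client can still pick an arbitrary (valid) IP to record, which is a logging-integrity problem even after the injection is fixed.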
