Login as regular user http://localhost/[PATH]/index.php/user_management/update?id=[SQL]
A SQL injection vulnerability exists in Gram Post - Instagram Auto Post Multi Accounts with Paypal integration v1.0, which allows an attacker to execute arbitrary SQL commands via the 'id' parameter in the 'instagram_accounts/update' page. An attacker can exploit this vulnerability by sending a crafted HTTP request with malicious SQL commands to the vulnerable application.
A SQL injection vulnerability exists in Tiger Post - Facebook Auto Post Multi Pages/Groups/Profiles v3.0.1, which allows an attacker to execute arbitrary SQL commands via the 'id' parameter in the 'index.php/user_management/update' script. An attacker can exploit this vulnerability by sending a crafted HTTP request containing malicious SQL statements to the vulnerable application.
A SQL injection vulnerability exists in Creative Management System - CMS Lite v1.3.1. An attacker can send a malicious SQL query to the vulnerable application to gain access to unauthorized information. The vulnerable parameter is 'Style' which can be found in the URL.
Login as student user and inject SQL in the URL parameters page=exams&action=edit&eid=[SQL] and page=classes&action=send&cid=[SQL]
Login as client user and inject SQL in the URL parameters view=ViewInvoice&id=[SQL] and view=ViewTicket&id=[SQL]
Login as student user. Other user groups have vulnerabilities. http://localhost/[PATH]/Document.php?view=[SQL] Etc...
Login as regular user and inject SQL in the URL parameters draftID and smsgID.
Login as customer User and send malicious SQL queries in the URL parameters msgID and smsgID.
Login as client User and inject SQL in the URL parameters of http://localhost/[PATH]/index.php?url=myCampaign&view=[SQL] and http://localhost/[PATH]/index.php?url=newSMSCampaign&use=[SQL]
Services By CQR