PoC for Pemira Development Application SQLi Vulnerability
25'ten fazla konu seçemezsiniz Konular bir harf veya rakamla başlamalı, kısa çizgiler ('-') içerebilir ve en fazla 35 karakter uzunluğunda olabilir.
 
myitinos ed45cdee05 added jpg 2 yıl önce
LICENSE Initial commit 2 yıl önce
PemiraHelper.py added helper file so it can be used for all exploit 2 yıl önce
README.md Update 'README.md' 2 yıl önce
getEarlyResult.py removed NIM, you don't need it. and added both page to process at once 2 yıl önce
pvote.py moved 'NIM' parameter to GLOBAL for easier editing 2 yıl önce
shell.php.jpg added jpg 2 yıl önce
sqli.py added sqli exploit with customable SQL payload 2 yıl önce

README.md

pemira-atk

PoC for Pemira Development Vulnerability and Bug

Just read the code...

I'm too lazy to provide documentation...

sqli.py - Closed

SQLi vulnerabilities at validate.php that enables attacker to execute arbitrary SQL code with logged in database user level access.

pvote.py - Open

Improper check at validate.php that enables panitia to vote as normal mhs (panitia shouldn't be able to vote)

getEarlyResult - Closed

Improper check at private.php that enables anyone (even without user authorization) to access voting results even before specified end time.