exploitdb
WORKING POC
VERIFIED
by Qabandi · text · webapps · php
https://www.exploit-db.com/exploits/8769
This exploit demonstrates a SQL injection vulnerability in ZaoCMS by leveraging insecure cookie handling to set an admin cookie and then injecting a UNION-based SQL query to extract database information.
Classification:
Working PoC 90%
Target:
ZaoCMS
No auth needed
Prerequisites:
Access to the target application · Ability to set cookies in the browser