CVE-2020-9340


A vulnerability was found in fauzantrif eLection 2.0 and has been declared critical. It affects unknown functionality in the file admin/ajax/op_kandidat.php. Manipulating the argument ID, passed as a parameter, leads to SQL injection. The vulnerability is tracked as CVE-2020-9340. The attack can be launched remotely.
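A defensive check for the file and argument named above, as an added example that is not part of the original notes or of the eLection code: it flags requests to admin/ajax/op_kandidat.php whose id is not a plain integer, whether it arrives in the query string or a form body. That IDs are numeric, the 10-digit limit, the /election/ prefix and the sample requests are assumptions constructed for illustration.

```python
from urllib.parse import parse_qs, unquote, urlsplit

ENDPOINT = "admin/ajax/op_kandidat.php"  # file named in the CVE description
PARAM = "id"                             # argument named in the CVE description
MAX_DIGITS = 10                          # assumption: IDs fit a 32-bit integer column


def id_values(url, body=""):
    """Collect every id value from the query string and a form-encoded body."""
    values = []
    for source in (urlsplit(url).query, body):
        for key, vals in parse_qs(source, keep_blank_values=True).items():
            if key.lower() == PARAM:
                values.extend(vals)
    return values


def is_suspicious(url, body=""):
    """True when a request to the affected file carries a non-integer id."""
    path = unquote(urlsplit(url).path)
    if not path.endswith("/" + ENDPOINT):
        return False
    return any(
        not (v.isascii() and v.isdigit() and len(v) <= MAX_DIGITS)
        for v in id_values(url, body)
    )


# Constructed sample requests as (URL, form body); the /election/ prefix is made up.
SAMPLES = [
    ("/election/admin/ajax/op_kandidat.php?id=7", ""),
    ("/election/admin/ajax/op_kandidat.php", "id=12"),
    ("/election/admin/ajax/op_kandidat.php", "id=12 OR 1=1"),
    ("/election/admin/ajax/op_kandidat.php?id=3%27", ""),
    ("/election/admin/ajax/op_kandidat.php", "id=1&id=1%20--"),
    ("/election/index.php?id=abc", ""),
]


def flagged(samples=SAMPLES):
    """Return the indexes of the samples that should be blocked or alerted on."""
    return [i for i, (url, body) in enumerate(samples) if is_suspicious(url, body)]


if __name__ == "__main__":
    for i in flagged():
        print("suspicious:", SAMPLES[i])
```

A filter like this is a stopgap for detection in front of the application; the fix in the application itself is a parameterized query with the id cast to an integer.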

Exploit


┌──(kali㉿kali)-[~/PEN-200/PG_PLAY/election1]
└─$ searchsploit -m php/webapps/48122.txt ; mv 48122.txt CVE-2020-9340.txt
  Exploit: eLection 2.0 - 'id' SQL Injection
      URL: https://www.exploit-db.com/exploits/48122
     Path: /usr/share/exploitdb/exploits/php/webapps/48122.txt
    Codes: N/A
 Verified: False
File Type: ASCII text
Copied to: /home/kali/PEN-200/PG_PLAY/election1/source_code/48122.txt

The exploit is available locally. Exploiting manually...