PhpIX 2012 Professional – ‘id’ SQL Injection

Exploit Database
106 阅读

作者： indoushka

日期： 2020-02-26
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/48138/

# Title: PhpIX 2012 Professional - 'id' SQL Injection
# Date: 2020-02-26
# Author: indoushka
# Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)
# Vendor: http://www.allhandsmarketing.com/

# poc :


[+] Dorking İn Google Or Other Search Enggine.

[+] /product_detail.php?id=448578 <====| inject here

[+] http://www.pcollectionnecktie.com/sandbox/ <====| Login


Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*|
|
=======================================================================================================================================

last Exploits
PhpIX 2012 Professional – ‘id’ SQL Injection的更多信息

Arachni Web Application Scanner Web UI – Persistent Cross-Site Scripting：
WebNMS Framework Server 5.2/5.2 SP1 – Multiple Vulnerabilities：
phpLDAPadmin 1.2.2 – ‘server_id’ LDAP Injection (Username)：
Event Ticket Portal Script Admin Password Change – Cross-Site Request Forgery：
Raritan PowerIQ 4.1.0 – SQL Injection (Metasploit)：
Douran 3.9.7.8 – File Download/Source Code Disclosure：
WordPress Plugin Sodahead Polls 2.0.2 – Multiple Cross-Site Scripting Vulnerabilities：
Zend Server 5.6.0 – Multiple Remote Script Insertion Vulnerabilities：