PhpIX 2012 Professional – ‘id’ SQL Injection

Exploit Database
41 阅读

作者： indoushka

日期： 2020-02-26
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/48138/

# Title: PhpIX 2012 Professional - 'id' SQL Injection
# Date: 2020-02-26
# Author: indoushka
# Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)
# Vendor: http://www.allhandsmarketing.com/

# poc :


[+] Dorking İn Google Or Other Search Enggine.

[+] /product_detail.php?id=448578 <====| inject here

[+] http://www.pcollectionnecktie.com/sandbox/ <====| Login


Greetings to :=========================================================================================================================
|
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*|
|
=======================================================================================================================================

last Exploits
PhpIX 2012 Professional – ‘id’ SQL Injection的更多信息

WordPress Theme Acento – ‘view-pdf.php?File’ Arbitrary File Download：
webYourPhotos 6.05 – ‘index.php’ Remote File Inclusion：
Bus Pass Management System 1.0 – ‘viewid’ Insecure direct object references (IDOR)：
Dental Clinic Appointment Reservation System 1.0 – ‘date’ UNION based SQL Injection (Authenticated)：
eXtplorer 2.1.9 – ‘.ZIP’ Directory Traversal：
WordPress Plugin WP-SendSms 1.0 – Multiple Vulnerabilities：
Kaltura < 13.2.0 - Remote Code Execution：
LW-N605R 12.20.2.1486 – Remote Code Execution：