Professional Bus Booking Script – ‘hid_Busid’ SQL Injection

Exploit Database
14 阅读

作者： Ihsan Sencan

日期： 2017-03-27
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/41735/

# # # # # 
# Exploit Title: Professional Bus Booking Script - SQL Injection
# Google Dork: N/A
# Date: 27.03.2017
# Vendor Homepage: http://travelbookingscript.com/
# Software: http://travelbookingscript.com/professional-bus-booking-script.html
# Demo: http://travelbookingscript.com/demo/professional/
# Version: N/A
# Tested on: Win7 x64, Kali Linux x64
# # # # # 
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# #ihsansencan
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/available_seat.php?hid_Busid=[SQL]
# # # # #

last Exploits
Professional Bus Booking Script – ‘hid_Busid’ SQL Injection的更多信息

ZoneMinder 1.32.3 – Cross-Site Scripting：
KodExplorer v4.51.03 – Pwned-Admin File-Inclusion – Remote Code Execution (RCE)：
BlackNova Traders – ‘news.php’ SQL Injection：
WordPress Plugin PayPal Checkout Payment Gateway 1.6.8 – Parameter Tampering：
Feixun Wireless Router FWR-604H – Remote Code Execution：
u5CMS 3.9.3 – Multiple SQL Injections：
Hospital Management System 4.0 – Persistent Cross-Site Scripting：
YCommerce – Multiple SQL Injections：