##################################################################################################
#Exploit Title : Lively cart SQL Injection vulnerability
#Author: Manish Kishan Tanwar AKA error1046
#Vendor Link : http://codecanyon.net/item/livelycart-a-jquery-php-store-shop/5531393
#Date: 18/06/2015
#Love to : zero cool,Team indishell,Mannu,Viki,Hardeep Singh,Incredible,Kishan Singh and ritu rathi
#Discovered At : Indishell Lab
##################################################################################################

////////////////////////
/// Overview:
////////////////////////
Lively cart is a shopping cart script. Its search parameter (search_query) does not filter user-supplied data and is therefore affected by an SQL injection vulnerability.

///////////////////////////////
/// Vulnerability Description:
///////////////////////////////
The vulnerability is due to the search_query GET parameter.

///////////////////POC ///////////////////
http://SERVER/1.2.0/product/search?search_query='
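
Why a lone quote in search_query breaks the request, and what the fix looks like. This is an added example, not code from Lively cart or from the advisory author: the products table, the function names and the use of Python with SQLite in place of the product's PHP stack are assumptions made for illustration.

```python
import sqlite3

def make_db():
    # Constructed sample catalogue; the real Lively cart schema is not on the page.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT)")
    db.executemany(
        "INSERT INTO products (name) VALUES (?)",
        [("Red mug",), ("O'Neill jacket",), ("100% cotton shirt",), ("Blue mug",)],
    )
    return db

def search_unsafe(db, search_query):
    # Anti-pattern: the request value is pasted into the SQL text, so a quote
    # inside it ends the string literal and alters the statement itself.
    sql = ("SELECT name FROM products WHERE name LIKE '%"
           + search_query + "%' ORDER BY id")
    return [row[0] for row in db.execute(sql)]

def search_safe(db, search_query):
    # Fix: the value is sent as a bound parameter and is never parsed as SQL.
    # LIKE wildcards in the input are escaped so they only match literally.
    escaped = (search_query.replace("\\", "\\\\")
                           .replace("%", "\\%")
                           .replace("_", "\\_"))
    sql = "SELECT name FROM products WHERE name LIKE ? ESCAPE '\\' ORDER BY id"
    return [row[0] for row in db.execute(sql, ("%" + escaped + "%",))]

def unsafe_breaks_on_quote(db):
    # The single quote from the PoC leaves an unterminated literal in the
    # concatenated statement, which the database rejects with a syntax error.
    try:
        search_unsafe(db, "'")
    except sqlite3.OperationalError:
        return True
    return False

if __name__ == "__main__":
    db = make_db()
    print("unsafe query fails on a quote:", unsafe_breaks_on_quote(db))
    print("safe query on a quote:", search_safe(db, "'"))
```

With the bound parameter the same input is treated as an ordinary search term, so a product name containing an apostrophe is found instead of the query failing.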