PaulShop CMS 2017-03-25 SQL Injection

PaulShop CMS 2017-03-25 SQL Injection: Posted Jun 10, 2017; Authored by Se0pHpHack3r; PaulShop CMS versions 2017-03-25 and below suffer from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 2e149958a12b1f6a9fcebc1ce57a68f0f879ca910b53945a0dbcca007768434e; Download | Favorite | View

PaulShop CMS 2017-03-25 SQL Injection

# Exploit Title: [PaulShop CMS <= 2017-03-25 Sql Injection]
# Date: [10-06-2017]
# Exploit Author: [Se0pHpHack3r]
# Vendor Homepage: [https://codecanyon.net/item/paulshop-cms-with-shopping-cart-system/18070714]
# Version: [2017-03-25] 
 
1. Description
 
SQL Injection on Shipping Cost page in Cart, with "country" & "weight" parameter (GET)
 
2. Examples
 
http://localhost/shop/en/cart/shipping_cost?country=[SQL INJECTION HERE]
http://localhost/shop/en/cart/shipping_cost?country=TH&weight=[SQL INJECTION HERE]

Top Authors In Last 30 Days

Red Hat 267 files
indoushka 178 files
Jay Turla 150 files
Ubuntu 74 files
h00die 54 files
juan vazquez 43 files
sinn3r 41 files
H D Moore 31 files
Gentoo 24 files
Karn Ganeshen 23 files

File Archives

Systems

AIX (430)
Apple (2,115)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,125)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,591)
HPUX (881)
iOS (390)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,312)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (16,885)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,861)
UNIX (9,458)
UnixWare (188)
Windows (6,772)
Other

PaulShop CMS 2017-03-25 SQL Injection

PaulShop CMS 2017-03-25 SQL Injection

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

PaulShop CMS 2017-03-25 SQL Injection

Share This

PaulShop CMS 2017-03-25 SQL Injection

File Archive:

September 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems