Search for hundreds of thousands of exploits

"PhpIX 2012 Professional - 'id' SQL Injection"

Author

Exploit author

indoushka

Platform

Exploit platform

php

Release date

Exploit published date

2020-02-26

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
# Title: PhpIX 2012 Professional - 'id' SQL Injection
# Date: 2020-02-26
# Author: indoushka
# Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)
# Vendor    : http://www.allhandsmarketing.com/

# poc :


[+] Dorking İn Google Or Other Search Enggine.

[+] /product_detail.php?id=448578 <====| inject here

[+] http://www.pcollectionnecktie.com/sandbox/ <====| Login


Greetings to :=========================================================================================================================
                                                                                                                                      |
jericho * Larry W. Cashdollar * brutelogic* hyp3rlinx* 9aylas * shadow_00715 * LiquidWorm*                                            |        
                                                                                                                                      |
=======================================================================================================================================
Release DateTitleTypePlatformAuthor
2020-02-26"PhpIX 2012 Professional - 'id' SQL Injection"webappsphpindoushka
2020-02-24"AMSS++ v 4.31 - 'id' SQL Injection"webappsphpindoushka
2020-02-24"AMSS++ 4.7 - Backdoor Admin Account"webappsphpindoushka
2020-02-20"Easy2Pilot 7 - Cross-Site Request Forgery (Add User)"webappsphpindoushka
2014-05-08"CMS Touch - 'pages.php?Page_ID' SQL Injection"webappsphpindoushka
2014-05-08"CMS Touch - 'news.php?News_ID' SQL Injection"webappsphpindoushka
2014-05-05"PrestaShop - 'getSimilarManufacturer.php?id_manufacturer' SQL Injection"webappsphpindoushka
2014-03-17"OpenSupports 2.0 - Blind SQL Injection"webappsphpindoushka
2013-07-06"phpVibe 3.1 - Information Disclosure / Remote File Inclusion"webappsphpindoushka
2012-06-19"AdaptCMS 2.0.2 - 'index.php' Script Cross-Site Scripting"webappsphpindoushka
2012-04-17"Joomla! Component JA T3 Framework - Directory Traversal"webappsphpindoushka
2012-02-13"Powie pFile 1.02 - '/pfile/file.php?id' SQL Injection"webappsphpindoushka
2012-02-13"Powie pFile 1.02 - '/pfile/kommentar.php?filecat' Cross-Site Scripting"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_time.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_qry_common.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_common.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_iplink.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_class.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_ag_main.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'index.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_uaddr.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - '/admin/base_useradmin.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_sensor.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_ag_main.php' Crafted Arbitrary File Upload / Arbitrary Code Execution"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_alerts.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_ipaddr.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_user.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - '/admin/index.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_stat_ports.php?base_path' Remote File Inclusion"webappsphpindoushka
2012-02-11"Basic Analysis and Security Engine (BASE) 1.4.5 - 'base_qry_alert.php?base_path' Remote File Inclusion"webappsphpindoushka
import requests
response = requests.get('https://www.nmmapper.com/api/exploitdetails/48138/?format=json')

For full documentation follow the link above

Cipherscan. A very simple way to find out which SSL ciphersuites are supported by a target.

Identify and fingerprint Web Application Firewall (WAF) products protecting a website.