# Exploit Title : Go Shop,Bypass admin ,SQL Injection
# Exploit Author : mr.nawaf
# Dork : allintext: "Powered By Go Shop"
# Date: 2016/07/15
# video : https://www.youtube.com/watch?v=TQHq5IapX7M&feature=youtu.be
____________________________________________________
# Bypass admin
Exploit using noredirect
https://addons.mozilla.org/en-US/firefox/addon/noredirect/
# demo Bypass admin :
http://www.nzir.co.nz/admin/login.php
http://www.cjtheclown.co.nz/admin/login.php
#sql Injection
search for php.id=
# demo sql Injection :
http://www.oceansalive.co.nz/index.php?page=listings&categoryid=101
http://www.1tonne.co.nz/index.php?page=listings&categoryid=101
===
# Discovered by : mr.nawaf
# twitter :nawaf_root
# youtube : https://www.youtube.com/channel/UCG7jXOjwbcVqO8tXYnONrgQ