Go Shop CMS bypass admin SQL Injection

Posted on 30 November -0001

<HTML><HEAD><TITLE>Go Shop CMS bypass admin SQL Injection</TITLE><META http-equiv="Content-Type" content="text/html; charset=utf-8"></HEAD><BODY>
# Exploit Title : Go Shop,Bypass admin ,SQL Injection
# Exploit Author : mr.nawaf
# Dork : allintext:  "Powered By Go Shop"
# Date: 2016/07/15
# video : https://www.youtube.com/watch?v=TQHq5IapX7M&feature=youtu.be
____________________________________________________
# Bypass admin

Exploit using  noredirect

https://addons.mozilla.org/en-US/firefox/addon/noredirect/

# demo Bypass admin :
http://www.nzir.co.nz/admin/login.php
http://www.cjtheclown.co.nz/admin/login.php

#sql Injection

search for php.id=

# demo sql Injection :
http://www.oceansalive.co.nz/index.php?page=listings&categoryid=101
http://www.1tonne.co.nz/index.php?page=listings&categoryid=101

===
# Discovered by : mr.nawaf
# twitter :nawaf_root
# youtube : https://www.youtube.com/channel/UCG7jXOjwbcVqO8tXYnONrgQ
</BODY></HTML>

TOP

Malware :

None in database

Last 20

Exploits :

Last 20