Netartmedia PHP Car Dealer SQL Injection

Netartmedia PHP Car Dealer suffers from a remote SQL injection vulnerability.

MD5 | 626471d185f7743ea6d1d0d22969577d

# Exploit Title: Netartmedia  PHP Car Dealer- SQL Injection
# Date: 19.03.2019
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor Homepage:
# Demo Site:
# Version: Lastest
# Tested on: Kali Linux
# CVE: N/A
# Description:The PHP Car Dealer script is also using a flexible
template system - the
templates can be modified or new ones to be created in order to
completely customize the website look and feel.

----- PoC 1 SQLi -----

Request: http://localhost/[PATH]/index.php

Parameter features[] (POST)


Related Posts