################################################################### Exploit Title: Readymade Video Sharing Script - SQL Injection (Error Based)# Google Dork: NA# Date: 10.02.2018# Exploit Author: Varun Bagaria# Vendor Homepage: https://www.phpscriptsmall.com/# Software Link: https://www.phpscriptsmall.com/product/php-video-sharing-script/ # Version: 3.2# Tested on: Windows 7# Category: Webapps# CVE :NA##################################################################
Proof of Concept
=================
Attack Parameter : search
Payload : '
Reproduction Steps:------------------------------1. Access the website
2. In the search bar insert ' and you will get error based SQL Injection