Readymade Video Sharing Script 3.2 – ‘search’ SQL Injection

• Exploit Database
• 118 阅读

• 作者： Varun Bagaria
  日期： 2018-02-11
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/44018/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  ################################################################## # Exploit Title: Readymade Video Sharing Script - SQL Injection (Error Based) # Google Dork: NA # Date: 10.02.2018 # Exploit Author: Varun Bagaria # Vendor Homepage: https://www.phpscriptsmall.com/ # Software Link: https://www.phpscriptsmall.com/product/php-video-sharing-script/ # Version: 3.2 # Tested on: Windows 7 # Category: Webapps # CVE :NA ##################################################################   Proof of Concept =================   Attack Parameter : search Payload : '   Reproduction Steps: ------------------------------ 1. Access the website 2. In the search bar insert ' and you will get error based SQL Injection