Dating Script 3.25 – SQL Injection

• Exploit Database
• 34 阅读

• 作者： Dawid Morawski
  日期： 2017-01-11
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/41027/

• # Vulnerability: Dating Script v3.25 - SQL Injection
  # Date: 11.01.2017
  # Software link: http://itechscripts.com/dating-script/
  # Demo: http://dating.itechscripts.com
  # Price: 199$
  # Category: webapps
  # Exploit Author: Dawid Morawski
  # Website: http://www.morawskiweb.pl
  # Contact: dawid.morawski1990@gmail.com
  #######################################
  
  
  1. Description
  An attacker can exploit this vulnerability to read from the database.
  
  2. SQL Injection / Proof of Concept:
  Vulnerable Parametre: id
  http://localhost/[PATH]/see_more_details.php?id=[SQL]