PHP Scripts Theater Management Script 3.1.5 SQL Injection

PHP Scripts Theater Management Script version 3.1.5 suffers from a remote SQL injection vulnerability.


MD5 | 0edd3fed74a5ea3eac00393ea22745fa

#
# Exploit Title: PHP Scripts - Theater Management Script - SQL Injection
# Dork: inurl:show-time.php?moid=
# Date: 18.08.2017
# Vendor Homepage : http://www.exclusivescript.com/product/8o2b4417538/php-scripts/theater-management-script
# Version: 3.1.5
# Category: Webapps
# Tested on: WiN10_x64 / KaLiLinux_x64
# CVE: N/A
# # # # # # # # # # # # #
#
# Exploit Author: AnGrY BoY
# Author Web: http://www.h4kurd.com
# Author E-Mail: [email protected]
# # # # # # # # #
#
# Description:
# The vulnerability allows an attacker to inject sql commands....
#
# Proof of Concept:
#
# http://localhost/[PATH]/show-time.php?moid=[SQL]
#
#

Related Posts