Matrimonial Website Script 2.1.6 - 'uid' SQL Injection

EDB-ID: 43965
Author: L0RD
Published: 2018-02-05
CVE: N/A
Type: Webapps
Platform: PHP
Vulnerable App: N/A

 # Dork: N/A 
 # Date: 2018-02-03 
 # Exploit Author: Borna nematzadeh (L0RD) or [email protected] 
 # Vendor Homepage: 
 https://www.phpscriptsmall.com/product/matrimonial-website-script/ 
 # Version: 2.1.6 
 # Category: Webapps 
 # CVE: N/A 
 # # # # # 
 # Description: 
 # The vulnerability allows an attacker to inject sql commands. 
 # # # # # 
 # Proof of Concept: 
  
   
  http://localhost/entrepreneur/view-profile.php?uid=[SQL]

Source: www.exploit-db.com