[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Thatware 0.4.6 - SQL Injection

Author
Besim
Risk
[
Security Risk High
]
0day-ID
0day-ID-25555
Category
web applications
Date add
13-10-2016
Platform
php
# Exploit Title :----------------- : Thatware 0.4.6 - (friend.php) - SQL Injection
# Author :------------------------ : Besim
# Google Dork :---------------- :  -
# Date :-------------------------- : 13/10/2016
# Type :-------------------------- : webapps
# Platform : -------------------- :  PHP  
# Vendor Homepage :------- : -
# Software link : -------------- : https://www.exploit-db.com/apps/13132b3e0eaeffc3fad55fded9e5bdc6-thatware_0.4.6.tar.gz
 
   
############################ SQL INJECTION Vulnerabilty ############################
       
*-* Code *-* 
 
include ("header.php");
$result=mysql_query("select title from stories where sid=$sid")
 
*-* Vulnerable parameter-: $sid
  
*-* File-----------------: friend.php?sid=(SQL inj)

#  0day.today [2024-12-25]  #