Mevin Productions SQL Injection

2011-10-30T00:00:00
ID PACKETSTORM:106449
Type packetstorm
Reporter 3spi0n
Modified 2011-10-30T00:00:00

Description

                                        
                                            `# Exploit Title: mevin productions Sql Injection Vulnerability  
# Date: 30/10/2011 - 23:00  
# Author: 3spi0n  
# Software Website: http://www.mevin.com/  
# Tested On: BackTrack 5 - Win7 Ultimate  
# Platform: Php  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
[$] Vulnerable File: Event.php  
  
[$] Dorks: "Powered by: mevin productions" inurl:/event.php?id=  
  
[$] Demo Sites:  
  
[~] http://www.mhsbb.com/events/event.php?id=96" [PhpSQLi]  
[~] http://www.timewarpband.co.uk/events/event.php?id=24" [PhpSQLi]  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
# We attempted to work, you can not imagine.  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
# Contact: Http://3spi0n.Net/  
  
# Greetz: Http://DarkDevilz.in/  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
  
Mr.PaPaRoSSe Black_Umo ALEXTRAX Brs_BaRoN ZyX x-Leader  
Legend Coder DARKCOD3R Santiq0 53rh4t PerS ExDeaTH  
  
[And DD'z Family]  
  
[DarkDevilz - Defence And Destruction Group'z - TURKEY]  
  
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>  
`