Lucene search

K
packetstormBorna NematzadehPACKETSTORM:146252
HistoryFeb 05, 2018 - 12:00 a.m.

Matrimonial Website Script 2.1.6 SQL Injection

2018-02-0500:00:00
Borna Nematzadeh
packetstormsecurity.com
19
matrimonial website script
sql injection
webapps
vulnerability
php script small
`# Exploit Title: Matrimonial Website Script 2.1.6 - 'uid' SQL Injection  
# Dork: N/A  
# Date: 2018-02-03  
# Exploit Author: Borna nematzadeh (L0RD) or [email protected]  
# Vendor Homepage:  
https://www.phpscriptsmall.com/product/matrimonial-website-script/  
# Version: 2.1.6  
# Category: Webapps  
# CVE: N/A  
# # # # #  
# Description:  
# The vulnerability allows an attacker to inject sql commands.  
# # # # #  
# Proof of Concept:  
  
  
http://localhost/entrepreneur/view-profile.php?uid=[SQL]  
  
  
`