Dating Script 3.25 - SQL Injection Vulnerability

2017-01-12T00:00:00
ID 1337DAY-ID-26661
Type zdt
Reporter Dawid Morawski
Modified 2017-01-12T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Vulnerability: Dating Script v3.25 - SQL Injection
# Date: 11.01.2017
# Software link: http://itechscripts.com/dating-script/
# Demo: http://dating.itechscripts.com
# Price: 199$
# Category: webapps
# Exploit Author: Dawid Morawski
# Website: http://www.morawskiweb.pl
# Contact: [email protected]
#######################################
 
 
1. Description
An attacker can exploit this vulnerability to read from the database.
 
2. SQL Injection / Proof of Concept:
Vulnerable Parametre: id
http://localhost/[PATH]/see_more_details.php?id=[SQL]

#  0day.today [2018-01-08]  #