#
# Exploit Title: PHP Scripts - Theater Management Script - SQL Injection
# Dork: inurl:show-time.php?moid=
# Date: 18.08.2017
# Vendor Homepage : http://www.exclusivescript.com/product/8o2b4417538/php-scripts/theater-management-script
# Version: 3.1.5
# Category: Webapps
# Tested on: WiN10_x64 / KaLiLinux_x64
# CVE: N/A
# # # # # # # # # # # # #
#
# Exploit Author: AnGrY BoY
# Author Web: http://www.h4kurd.com
# Author E-Mail: h4kurd@yahoo.com
# # # # # # # # #
#
# Description:
# The vulnerability allows an attacker to inject sql commands....
#   
# Proof of Concept:
# 
# http://localhost/[PATH]/show-time.php?moid=[SQL]
# 
#