Tekno.Portal v0.1b 'link.php' Blind SQL Injection Vulnerability

2012-08-1300:00:00

vulners.com

           ======================================================
           Tekno.Portal v0.1b - Blind SQL Injection in &quot;link.php&quot; 
           ======================================================

Exploit Title: Tekno.Portal v0.1b 'link.php' Blind SQL Injection Vulnerability

Date: [08-01-2012]

Author: Socket_0x03 (Alvaro J. Gene)

Email: Socket_0x03 (at) teraexe (dot) com

Website: www.teraexe.com

Software Link: http://sourceforge.net/projects/teknoportal

Vulnerable Application: Tekno.Portal

Version: 0.1b

Vulnerable File: link.php (kat parameter)

Language: This application is available only in turkish language.

Product Description: Tekno.Portal is a content management system (CMS) developed

in PHP; furthermore, a webmaster can use this application to manage files, store
data, and more.

Blind SQL Injection:

http://www.website.com/teknoportal/link.php?kat=[Blind SQL Injection]

JSON

Tekno.Portal v0.1b &#39;link.php&#39; Blind SQL Injection Vulnerability

Exploit Title: Tekno.Portal v0.1b 'link.php' Blind SQL Injection Vulnerability

Date: [08-01-2012]

Author: Socket_0x03 (Alvaro J. Gene)

Email: Socket_0x03 (at) teraexe (dot) com

Website: www.teraexe.com

Software Link: http://sourceforge.net/projects/teknoportal

Vulnerable Application: Tekno.Portal

Version: 0.1b

Vulnerable File: link.php (kat parameter)

Language: This application is available only in turkish language.

Product Description: Tekno.Portal is a content management system (CMS) developed

Blind SQL Injection:

Tekno.Portal v0.1b 'link.php' Blind SQL Injection Vulnerability