NTG Haber Yazilim version 1 suffers from a remote SQL injection vulnerability.
914b8e8df58fa6f3377ea25bf850a0f6741cde17b85bcb1a1dca5504b808a031
# Exploit Title; NTG Haber Yazilim v1 - SQL Injection Vulnerability
# Date ; 14/03/12
# Author ; 3spi0n
# Script Vendor ; www.netgenel.net/index/1/ntg-haber-yazilimi-v1.html
# Script Demo ; http://www.netgenel.net/v1/anasayfa.php
# Category ; Webapps
# Type ; Sql Injection
# Tested on ; Ubuntu / Win7
[#] Script Details ;
- Vulnerable File is ; "rss.php"
- Demo ; http://www.netgenel.net/v1/rss.php?kat=1
- Google Dorks ; "Copyright © 2011 - 2012 NETGENEL BÝLÝÞÝM"
[#] Greetz ;
- Grayhatz Corporation, www.Grayhatz.Co
- My Official Blog, www.Ryuzaki.in
- Facebook.Com/3spi0ne - Twitter.Com/RigidusCO