Kisisel Portfolyo Scripti version 4.031 suffers from a remote SQL injection vulnerability.
69aed8309d6ba449f9f3eb2b1028867b5af26ceed5472d479ef4df3a2875219a
========================================================================
| # Title : KiAisel Portfolyo Scripti 4.031 Sql injection vulnerability
| # Author : indoushka
| # email : indoushka4ever@gmail.com
| # Tested on : windows 10 FranASSais V.(Pro)
| # Version : 4.031
| # Vendor : http://wmscripti.com/php-scriptler/kisisel-portfolyo-scripti.html
| # Dork : emlakdetail.php?url= / ", KiAisel Portfolyo Sitesi. TA1/4m haklarA+- saklA+-dA+-r. Powered by : Php Scriptlerim"
========================================================================
poc :
http://www.pagemlak.com/emlakdetail.php?url=satilik <== inject her
panel : http://www.pagemlak.com/yonetim/
Greetz : aua'>>a'1/2a'1/2a'dega'deg aua'degaua'degau a'>>a'*a'*auaua'>>------au-auau-a'deg a'degaua'degauPSaua'3a'>>au-------- aua'degauau!a'>>auau aua'degauaua'*oauaua'degau ------
|
jericho * Larry W. Cashdollar * shadow0075 * djroot.dz |
|
===================== pa'degaua'1/2a'>>au auauoauau aua'>>auauauauauauC/ =============================