MAXİVA News Script SQL Injection Vulnerability

2011-11-28 13:44:12
Posted by: DeathSyStem

+#######+
|DeathSyStem|
+#######+
[+] Title : MAXÄ°VA SQL Injection Vulnerability
[+] Affected Version : ALL VERSIONS
[+] Software Link : http://www.maxiva.net/
[+] Date : 28/11/2011
[+] Dork : inurl:'/default.asp?page=haber&id=' intext:"maxiva.net"
[+] Category : News
[+] Severity : High
[+] Author : DeathSyStem
[+] Follow on FB : http://www.death-system.org

+############+
|[o] EXPLOIT |
+############+
[+] http://[website]/default.asp?page=haber&id=[SQLi]
[+] ADMINISTRATION COLUMN : users
[+] ADMINISTRATION PATH : http://[website]/edit
+#########+
+------------+
|[o] Greet'z |
+------------+
[+] To : Real_Karizma & Caners

Fixes

No fixes

In order to submit a new fix you need to be registered.