CVE-2007-4114: SQL Injection in SuskunDuygular Yelik Sistemi v.1

Critical Vulnerability Information Vulnerability Name: SuskunDuygular - Yelik Sistemi v.1 Sql Injection Bug Disclosure Date: 2007-08-01 / 2007-08-02 CVSS Information - Base Score: 7.5/10 - Impact Subscore: 6.4/10 - Attack Complexity: Low - Confidentiality Impact: Partial - Integrity Impact: Partial - Availability Impact: Partial - Exploitability Subscore: 10/10 - Authentication: No required Vulnerability Identification - Remote: Yes - Local: No Risk Level: Medium CVE ID: CVE-2007-4114 CWE ID: CWE-Other Risk Description - Vulnerability Target: SuskunDuygular - Yelik Sistemi v.1 Sql - Vulnerability Author: Yollubunlar - Author Website: http://yollubunlar.org - Exploit Path: site.com/script_path/unuttum.asp - Exploit Example - SQL Injection Point: ' OR '1'='1 - After inputting ' OR '1'='1, the content we wrote becomes visible - After inputting ' OR '1'='1, the administrator password becomes visible

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2007-4114: SQL Injection in SuskunDuygular Yelik Sistemi v.1