U238 (ugur238)

1 exploit Active since Feb 2009
CVE-2008-6204 EXPLOITDB text WORKING POC
SuperNET Shop < 1.0 - SQL Injection via id, kulad, sifre, username, or password Parameters
Multiple SQL injection vulnerabilities in SuperNET Shop 1.0 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to secure/admin/guncelle.asp, (2) kulad and sifre parameters to secure/admin/giris.asp, and (3) username and password to secure/admin/default.asp.