CVE-2007-4173

Hunkaray Okul Portali 1.1 - SQL Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2007-4173. PoCs published by Yollubunlar.Org.

AI-analyzed exploit summary This exploit demonstrates an SQL injection vulnerability in Hunkaray Okul Portali 1.1. The PoC shows how an attacker can extract sensitive data (e.g., admin password) by injecting a UNION-based SQL query into the 'id' parameter.

Description

SQL injection vulnerability in duyuruoku.asp in Hunkaray Okul Portali 1.1 allows remote attackers to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-3080.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Yollubunlar.Org · textwebappsasp

https://www.exploit-db.com/exploits/30446

View Code ZIP pw:eip

This exploit demonstrates an SQL injection vulnerability in Hunkaray Okul Portali 1.1. The PoC shows how an attacker can extract sensitive data (e.g., admin password) by injecting a UNION-based SQL query into the 'id' parameter.

Classification

Working Poc 90%

Attack Type

Sqli

Complexity

Trivial

Reliability

Reliable

Target: Hunkaray Okul Portali 1.1

No auth needed

Prerequisites: Access to the vulnerable web application

MITRE ATT&CK