Baykus Yemek Tarifleri <= 2.1 SQL Injection Vulnerability

# Title: Baykus Yemek Tarifleri <= 2.1 SQL Injection Vulnerability
# EDB-ID: 11605
# CVE-ID: ()
# OSVDB-ID: ()
# Author: cr4wl3r
# Published: 2010-02-28
# Verified: no
# Download Exploit Code
# Download Vulnerable app

view source
print?
# Baykus Yemek Tarifleri <= 2.1 SQL Injection Vulnerability
# By cr4wl3r
############################################################
# Code:

include(”ayar.php”);

$ids= $_GET["id"];

$yaz= mysql_fetch_array(mysql_query(”select * from tarifler where id=’$ids’”));

mysql_select_db(”yemek”);

mysql_query(”SET NAMES ´latin5´”);
mysql_query(”SET CHARACTER SET latin5″);

$baslik= $yaz["baslik"];
$resim = $yaz['resim'];
if($resim==”"){
$resim= “bos.png”;
}
$kisa= $yaz["kisa"];
$tarif= $yaz["metin"];
############################################################
# PoC: [path]/oku.php?id=[SQL]
############################################################