Image gallery with Access Database SQL Injection
Date: 16 Nov 2006 00:23:27 -0000
From: [email protected]
To: [email protected]
Subject: Image gallery with Access Database SQL Injection
X-Virus-Scanned: antivirus-gw at tyumen.ru
#Aria-Security Team Advisory
#<www.Aria-security.Com For English >
#<www.Aria-Security.net For Persian >
#Original Advisory : http://aria-security.net/advisory/igwad.txt
#-----------------------------------------------------------
#Software: Image gallery with Access Database
#Method : SQL Injection
#
#PoC:
#http://target/path/dispimage.asp?id=[SQL Injection]
#http://target/path/default.asp?page=2&order=[SQL Injection]
#http://target/path/default.asp?page=[SQL INJECTION]&order=id
#
#Contact: [email protected]
