Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:11300
HistoryFeb 05, 2006 - 12:00 a.m.

sql injection in ASP Survey

2006-02-0500:00:00
vulners.com
11

Hi guys
there is a simple sql injection in web app. (ASP Survey) by this vuln. you can go into the admin page

Target Page : login.asp
Vendor : ASP Survey
Exploit : User: admin Password: 'or'

Hacking: 1. search on google.com as :
allinurl:"login.asp" ASPsurvey
and then type the Exploit in correct order…
and Enjoy the admin CP.