Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:29747
HistorySep 09, 2013 - 12:00 a.m.

Sql Injection in "2easy Web Applications"

2013-09-0900:00:00
vulners.com
23

Hi!
I have discovered a sql injection bug in "2easy Web Applications".
vendor: http://www.2easy.gr/

bug in: readText.asp?textID=

live examples:
http://www.mroe.org/en/readText.asp?textID=223
http://www.ananeotiki.gr/el/readText.asp?textID=7078
http://www.vpg.nu/sv/readText.asp?textID=8

and so on…

discovered by syst3m_f4ult