| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20061118002850.25710.qmail@securityfocus.com> Date: 18 Nov 2006 00:28:50 -0000 From: Advisory@...a-security.net To: bugtraq@...urityfocus.com Subject: [Aria-Security's Research Team] ActiveNews Manager SQL Injection Vulnerabilite #Aria-Security Team Advisory #<www.Aria-security.Com For English > #<www.Aria-Security.net For Persian > #Original Advisory : #http://www.aria-security.com/forum/showthread.php?t=33 #----------------------------------------------------------- #Software: ActiveNews Manager #Method: SQL Injection And Cross Site Scripting #http://www.dotnetindex.com/activenews.asp # #PoC: #http://target/path/activeNews_categories.asp?catID=[SQL INJECTION] #http://target/path/activeNews_comments.asp?articleID=[SQL INJECTION] #http://target/path/activenews_view.asp?articleID=[SQL INJECTION] #http://target/path/default.asp?page=[SQL INJECTION] #http://target/path/activenews_search.asp?query=[XSS] # #Contact: Advisory@...a-security.net
Powered by blists - more mailing lists