Lucene search
SecurityvulnsSECURITYVULNS:DOC:19496HistoryMar 25, 2008 - 12:00 a.m.
aeries browser interface(ABI) 3.8.3.14 Remote SQL Injection
2008-03-2500:00:00
vulners.com
92
Discovered By : Arsalan Emamjomehkashan
aeries browser interface(ABI) 3.8.3.14 Remote SQL Injection
Website:http://aeries.com/
SQL injection:
GradebookOptions.asp?GrdBk=SQL
loginproc.asp If you post variable "SchlCode"
XSS:
UserName variable on loginproc.asp and usr on Login.asp