Back to list
|
Post reply
20/20 datashed [ multiples injection sql ]
Nov 17 2006 07:17PM
saps audit gmail com
vendor site:http://www.2020applications.com/
product:20/20 datashed
bug:injection sql
risk:high
injection sql get :
/f-email.asp?strPeopleID=1&itemID='[sql]
/listings.asp?peopleID='[sql]
/listings.asp?sort_order='[sql]
laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit (at) gmail (dot) com [email concealed]
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
product:20/20 datashed
bug:injection sql
risk:high
injection sql get :
/f-email.asp?strPeopleID=1&itemID='[sql]
/listings.asp?peopleID='[sql]
/listings.asp?sort_order='[sql]
laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit (at) gmail (dot) com [email concealed]
[ reply ]