Advertisement
CVE | Category | Price | Severity |
---|---|---|---|
CWE-89 | Unknown | High |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Unknown | Critical | Remote | 2005-12-12 |
CPE |
---|
cpe:cpe:/a:purl:asp-rider-default-asp-sql-injection |
Vendor : http://www.asp-rider.com Vulnerable Versions : 1.6 Where is the bug ---------------------- in default.asp : refsss=split(refererssss, "/",-1,1) refererdomain=refsss(2) strsql="Select * From tbl_refererd where domain='" & refererdomain & "'" objrs.open strsql, objconn,3,3 ---------------------- and you can enter sql code to database with this referer CODE --> "http://[SQLINJECTION]" ASP-Rider splits "http://[SQLINJECTION]" two sections are : 1)http:// 2)[SQLINJECTION]
Copyright ©2024 Exploitalert.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.