The free, open source project called "aspReady FAQ" is open for SQL-injection.
This results is admin access with the ability change/delete the entire database.
An example on SQL-inject that works could be:
1'or'1'='1
After doing a google search, I've found out that some companies are actually using this free aspReady FAQ.
Credits to: Preben Nylokken
The system can be found at:
http://pscode.com/vb/scripts/ShowCode.asp?txtCodeId=9055&lngWId=4
Live sample can be found and tested on:
www.itsikkerhet.com/db/faq
- Preben Nyloekken
This information is provided for TESTING and LEGAL RESEARCH purposes only. All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum