ASPSiteWare Contact Directory 1.0 – SQL Injection

• Exploit Database
• 6 阅读

• 作者： R4dc0re
  日期： 2010-12-04
• 类别：

  • webapps
  平台：

  • asp
• 来源：https://www.exploit-db.com/exploits/15683/

• # Author: R4dc0re
  # Exploit Title: ASPSiteware Contact Directory SQL injection Vulnerability
  # Date: 04-12-2010
  # Vendor or Software Link: www.aspsiteware.com
  # Category:WebApp
  #Version:1.0
  #Price:40$
  #Contact: R4dc0re@yahoo.fr
  #Website: www.1337db.com
  #Greetings to: R0073r(1337db.com), L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members 
  
  Submit Your Exploit at Submit@1337db.com
  
  ########################################################################################
  [Product Detail]
  
  Contact Directory is an application that allows you to set up and share contacts online.
  Great for a club or organization web site or for personal use.
  Backend by Access database, Contact Directory can store thousands of names and contact information
  in alphabetical categories.
   
  [Vulnerability]
  
  SQL Injection:
  http://server/Directory/type.asp?iType=[Code]
  ########################################################################################