ASPSiteWare Recipe ORGanizer – SQL Injection

• Exploit Database
• 11 阅读

• 作者： R4dc0re
  日期： 2010-12-04
• 类别：

  • webapps
  平台：

  • asp
• 来源：https://www.exploit-db.com/exploits/15679/

• # Author: R4dc0re
  # Exploit Title: ASPSiteware Recipe Organizer SQL injection Vulnerability
  # Date: 04-12-2010
  # Vendor or Software Link: www.aspsiteware.com
  # Category:WebApp
  #Version:1.0
  #Price:50$
  #Contact: R4dc0re@yahoo.fr
  #Website: www.1337db.com
  #Greetings to: R0073r(1337db.com), L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members 
  
  Submit Your Exploit at Submit@1337db.com
   
  ########################################################################################
  [Product Detail]
  
  Recipe Organizer is an application that allows you to setup and share your recipes online. 
  Great for personal use or as part of a cooking, diet or food related web site. 
  Backend by Access database, Recipe Organizer can store thousands of recipes in an unlimited number
  of categories.
   
  [Vulnerability]
  
  SQL Injection:
  
  http://server/Recipes/type.asp?iType=[Code]
  ########################################################################################