source: http://www.securityfocus.com/bid/14469/info Naxtor E-directory is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in SQL queries. Successful exploitation results in gaining full administrative access within the context of the affected application. A proof of concept is available: User ID : admin Password : 'or '='
Related ExploitsTrying to match OSVDBs (1): 18502
Other Possible E-DB Search Terms: Naxtor E-directory 1.0, Naxtor E-directory
|2005-08-03||Naxtor E-directory 1.0 - 'Message.asp' Cross-Site Scripting||basher13|