|Google Dork Description: inurl:guestbook/guestbooklist.asp "Post Date" From Country||GHDB-ID: 1222|
|Google Search: inurl:guestbook/guestbooklist.asp "Post Date" From||EDB-ID: N/A|
A sql vulnerability has been reported in a Techno Dreams asp script, login.asp. http://search.securityfocus.com/archive/1/414708/30/0/threadedSeveral ways of finding the vulnerable file:Guestbook (the above dork): inurl:guestbook/guestbooklist.asp "Post Date" From Country Results 1 - 21 of 123Announcement: inurl:MainAnnounce1.asp "show all" Results 1 -20 of 86WebDirectory: inurl:webdirectory "Total Available Web Sites" Search Results 1 - 4 of 5MailingList: inurl:maillinglist/emailsadd.asp Results 1 - 6 of 6note these dorks don't find the vulnerable script; to find it change the url to /admin/login.asp or /login.asp.The default admin user/pass is admin/admin. Some results leave this info on the page and others load the page with this info already filled out.