Bugtraq: ASPjar guestbook (Injection in login page)

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

ASPjar guestbook (Injection in login page)

From: farhad koosha <farhadkey () yahoo com>
Date: 10 Feb 2005 19:05:10 -0000



Go to /admin/login.asp and type in password field:
' or ''='
Also in some version of ASPjar , Attackers can delete messages .
Go to /admin/delete.asp

By Date By Thread

Current thread:

ASPjar guestbook (Injection in login page) farhad koosha (Feb 10)