Multi Agent System city. asp SQL injection vulnerability and fix-vulnerability warning-the black bar safety net

2011-02-19T00:00:00
ID MYHACK58:62201129232
Type myhack58
Reporter 佚名
Modified 2011-02-19T00:00:00

Description

Author: R4dc0re

Information Description: a Multi-Agent System of the city. asp the reason there may be the use ofSQL injectionis due to this file and there is insufficient filtering of user requests query caused. The use of this vulnerability may allow an attacker to use to the server application, access or Modify user data and even the underlying data. Test the presence of vulnerabilities the version is 3. 0,other versions may also the presence of the same vulnerability,not fully tested.

Use: http://www.xxxx.net/multi/city.asp?probe=[Code]

Fix: filter user requests query