Image gallery with Access Database default.asp Multiple Variable SQL Injection

2006-11-16T06:30:11
ID OSVDB:32800
Type osvdb
Reporter OSVDB
Modified 2006-11-16T06:30:11

Description

Manual Testing Notes

http://[target]/path/default.asp?page=2&order=[SQL Injection] http://[target]/path/default.asp?page=[SQL INJECTION]&order=id

References:

Related OSVDB ID: 32799 Other Advisory URL: http://aria-security.net/advisory/igwad.txt Other Advisory URL: http://securityreason.com/securityalert/2147 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-11/0306.html CVE-2006-6932 Bugtraq ID: 21131