AlstraSoft AskMe Pro forum_answer.php que_id Variable SQL Injection

2007-07-22T00:00:00
ID OSVDB:37095
Type osvdb
Reporter OSVDB
Modified 2007-07-22T00:00:00

Description

Manual Testing Notes

http://[target]/ask/forum_answer.php?que_id=85%20or%201=1 //SQL

References:

Related OSVDB ID: 37096 Other Advisory URL: http://lostmon.blogspot.com/2007/07/alstrasoft-multiple-products-multiple.html CVE-2007-4085