2 matches found
SQL Injection Vulnerability in WebShow Shopping System V5.4 getpwd2.asp
Netshow shopping system is a shopping website developed with asp+access. A SQL injection vulnerability exists in NetShow Shopping System V5.4 getpwd2.asp. An attacker can obtain sensitive database information by constructing a specific SQL injection...
网趣网上购物系统getpwd2.asp注入漏洞
网趣网上购物系统是一套简单易用、功能强大、用户使用最为广泛的网上购物开店平台,凭借多年的网上购物系统研发经验,软件功能日趋强大与完善、依托庞大的用户使用群体,网趣网上购物系统越来越受到用户的青睐,成为众多用户网上开店首选品牌。 漏洞页面:getpwd2.asp 漏洞代码: % username=request.form"username" set rs=Server.CreateObject"Adodb.Recordset" sql="select from user where username='"&username&"' " rs.open sql,conn,1,1 If...