sql injection in ASP Survey

2006-02-05T00:00:00
ID SECURITYVULNS:DOC:11300
Type securityvulns
Reporter Securityvulns
Modified 2006-02-05T00:00:00

Description

Hi guys there is a simple sql injection in web app. (ASP Survey) by this vuln. you can go into the admin page

Target Page : login.asp Vendor : ASP Survey Exploit : User: admin Password: 'or'

Hacking: 1. search on google.com as : allinurl:"login.asp" ASPsurvey and then type the Exploit in correct order... and Enjoy the admin CP.