20/20 real estate [ multiples injection sql ]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

vendor site:http://www.2020applications.com/
product:20/20 real estate
bug:injection sql 
risk:high



injection sql get :
/listings.asp?itemID='[sql]
/listings.asp?peopleID='[sql]
/f-google_earth.asp?itemID='[sql]
/f-email.asp?strPeopleID=1&itemID='[sql]
/listings.asp?strPageSize=1&strCurrentPage=1&peopleID='[sql]




laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit@xxxxxxxxx
[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux