[prev in list] [next in list] [prev in thread] [next in thread]
List: bugtraq
Subject: ASPjar guestbook (Injection in login page)
From: farhad koosha <farhadkey () yahoo ! com>
Date: 2005-02-10 19:05:10
Message-ID: 20050210190510.31754.qmail () www ! securityfocus ! com
[Download RAW message or body]
Go to /admin/login.asp and type in password field:
' or ''='
Also in some version of ASPjar , Attackers can delete messages .
Go to /admin/delete.asp
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic