[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    ASPjar guestbook (Injection in login page)
From:       farhad koosha <farhadkey () yahoo ! com>
Date:       2005-02-10 19:05:10
Message-ID: 20050210190510.31754.qmail () www ! securityfocus ! com
[Download RAW message or body]



Go to /admin/login.asp and type in password field:
' or ''='
Also in some version of ASPjar , Attackers can delete messages .
Go to /admin/delete.asp
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic