Link Exchange Lite [injection sql]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Link Exchange Lite [injection sql]

Subject: Link Exchange Lite [injection sql]
Date: 21 Nov 2006 19:33:44 -0000
From: suppressed

vendor site: http://softacid.net/
product:Link Exchange Lite
bug: injection sql
risk : high 


injection sql (post) :
/search.asp
post your sql query into the search engine field


injection sql (get):
/linkslist.asp?psearch='[sql]



laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: suppressed

Prev by Date: Re: Re: Phpjobscheduler 3.0 - Multiple Remote File Include
Next by Date: creadirectory [injection sql & xss]
Previous by thread: Re: Re: Phpjobscheduler 3.0 - Multiple Remote File Include
Next by thread: creadirectory [injection sql & xss]
Index(es):
- Date
- Thread

Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.