20/20 datashed suffers from multiple SQL injection vulnerabilities.
3599832d02aae81bba29e72815f88eb22b19f5c6fd2b5107cdd4e606306e355f
vendor site:http://www.2020applications.com/
product:20/20 datashed
bug:injection sql
risk:high
injection sql get :
/f-email.asp?strPeopleID=1&itemID='[sql]
/listings.asp?peopleID='[sql]
/listings.asp?sort_order='[sql]
laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit@gmail.com