HotWeb Rentals suffers from a remote SQL injection vulnerability.
8cb39327a8568ed7be92b8abe0f4a184346e1c420f665f031f8a779ffd5ccc6b
HotWeb Rentals "PageId" SQL Injection Vulnerability
PRODUCT >>> http://www.hotwebscripts.co.uk/
Input passed to the "PageId" parameter in default.asp is not properly sanitised before being used in
SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
POC >>> default.asp?PageId=-15+union+select+11,22,33,44,55,66,77,88,99+from+users
--
non-customers crew | http://rock-madrid.com/
--