# Exploit Title: easyweb SQLi Vulnerability
# Date: 09/03/2012
# Author: Persia Security Group - (Prince & mafia1990)
# Vendor Homepage: http://www.easy-web.it/
# Version: All Version
# Google Dork: intext:"powered by easyweb" site:it
# Tested on: win 2003 & 2008 server , Vista , 7 & IIS 6.0, 7.0, 7.5
==========================================================================================
Vulnerability Details
==========================================================================================

/*********/
intext:"powered by easyweb" site:it
/*********/

========================================Exploit============================================
The SQLi vulnerability in param[?id=]      &&==> .!..

Code: asp, aspx, MSAccess

Example:

    http://localhost/anyanyany.asp?id=XX[SQLi]

Demo:
    http://www.cococool.it/dettagli.asp?id=1666[SQLi Here]

==========================================================================================