Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Link Exchange Lite [injection sql]

From: saps.audit () gmail com
Date: 21 Nov 2006 19:33:44 -0000
vendor site: http://softacid.net/
product:Link Exchange Lite
bug: injection sql
risk : high 


injection sql (post) :
/search.asp
post your sql query into the search engine field


injection sql (get):
/linkslist.asp?psearch='[sql]



laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit () gmail com
Previous By Date Next
Previous By Thread Next

Current thread: