SQL Injection from SPAM message :)

[<auto67574 () hushmail com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

As I am getting tired of getting these:
"... a g3n3ric v3rsion of \/1agra ... The d0ct0r c0nsultat1on and sh1pp1ng
is fr33, and your 0rd3r w1ll arr1v3 at your d00r qu1ck1y and d1scr3t3ly.
http://www.onmarclass.com/host/default.asp?id=yr1";

I decided to check for SQL Injection :)... well ... reader is left to
think what can be done
http://www.onmarclass.com/host/default.asp?id=y2'r1

Microsoft OLE DB Provider for ODBC Drivers error '80040e14'

[Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator)
in query expression 'affil_ID='y2'r1''.

/host/utilities.asp, line 13
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.3

wkYEARECAAYFAj+NdlIACgkQEEhLYD+KBOIEUACdELlLbtoZteWNvuPBECYEkwoQ+PEA
ni/k33U+yMZA7dxAMukYD1fbR/2d
=yR7y
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434

Promote security and make money with the Hushmail Affiliate Program: 
https://www.hushmail.com/about.php?subloc=affiliate&l=427

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html