AOH :: HP Unsorted A :: BX2546.HTM

aeries browser interface(ABI) 3.8.3.14 Remote SQL Injection



aeries browser interface(ABI) 3.8.3.14 Remote SQL Injection
aeries browser interface(ABI) 3.8.3.14 Remote SQL Injection



Discovered By : Arsalan Emamjomehkashan

aeries browser interface(ABI) 3.8.3.14 Remote SQL Injection

Website:http://aeries.com/
SQL injection:
GradebookOptions.asp?GrdBk=SQL
loginproc.asp If you post variable "SchlCode"
XSS:
UserName variable on loginproc.asp and usr on Login.asp

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.