AOH :: HP Unsorted D :: C07-1113.HTM

DuWare DuNews SQL Injection Vuln



DuWare DuNews SQL Injection Vuln
DuWare DuNews SQL Injection Vuln



#Aria-Security Team Advisory
# For English > 
# For Persian > 
#Original Advisory:
#http://www.aria-security.com/forum/showthread.php?t=61 
#-----------------------------------------------------------
#Software: DuNews
#Method: SQL Injection
#Vendor: http://www.duware.com/ 
#
#PoC:
#http://target/type.asp?iType=[SQL Injection] 
#http://target/detail.asp?iNews=[SQL Injection] 
#http://target/detail.asp?iType=[SQL Injection] 
#http://target/detail.asp?action=[SQL Injection] 
#
#Contact: Advisory@aria-security.net 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.