LDF (Default.asp) Sql Injection Vulnerability

Arash.Setayeshi | 6 Feb 17:49

Picon

LDF (Default.asp) Sql Injection Vulnerability

Product : LDF 
vendor : www.ldf.22.cn

Vulnerable Versions : All 

Default.asp Page has an issue on validating "Page" parameter , It could be exploited by attacker & attacker
can inject arbitrary Sql Commands

http://www.example.com/[ldf path]/default.asp?page=[SQL COMMAND]

Navigate

Go to gmane.comp.security.bugtraq.

Topic

Go to the topic.

Search Archive

Language

Change language

Options

Current view: Threads only / Showing whole messages / Not hiding cited text.
Change to All messages, shortened messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane