<<< Date Index >>>     <<< Thread Index >>>

SQL Injection On DUportal



Proof of Concept:
/News/cat.asp?iCat=' [SQL INJECTION]&iChannel=1&nChannel=News
/Articles/cat.asp?iCat=' [SQL INJECTION]&iChannel=2&nChannel=Articles
/Pictures/cat.asp?iCat=' [SQL INJECTION]&iChannel=3&nChannel=Pictures 


Original advisory:http://www.aria-security.net/advisory/duportal.txt