There's also one SQL injection in: /default.asp?nav=38x47&contid=-80 and an SQL error here: /default.asp?nav=38x47&contid=606&lid=-20 http://sap.ca/