[VIM] Partial source code verify - "RBL - ASP" scripts SQL injection
Steven M. Christey
coley at mitre.org
Wed Jan 31 14:44:54 EST 2007
Ref: BUGTRAQ RBL - ASP (scripts with db) SQL injection
The referenced vendor site was casually examined to try to infer
actual product names. tUrl was examined, but egrep "user|pass"
tForum's user_confirm.asp has:
> uId = Request("id")
> sql = "select A.* from x_User A Where A.idUser =" & uId & " AND A.sPassword = '" & Request("_pass") & "'"
tpassword's login.asp has:
> iStatus = Check_Login(Request.Form("User"),Request.Form("Password"))
> Function Check_Login(sUser, sPass)
>   Dim rs, sql
>   sql = "SELECT * FROM tUser WHERE sCode ='" & sUser & "' AND sPassword='" & sPass & "' "
So looks like at least these two are legit. I didn't look at the
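Added example, not part of the VIM post or of the vendor's ASP code: the two concatenated queries quoted above are reproduced in Python against an in-memory SQLite table (constructed sample rows, a stand-in for the vendor's x_User and tUser tables) so the bypass can be observed, with a parameterized version of each beside it. Table and column names follow the quoted snippets; the sample users, passwords and payloads are made up.

```python
import sqlite3

# Constructed sample data; columns follow the names in the quoted ASP.
SAMPLE_USERS = [
    (1, "admin", "s3cret"),
    (2, "alice", "hunter2"),
]


def make_db():
    """In-memory SQLite DB with one table serving as both x_User and tUser."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE x_User (idUser INTEGER, sCode TEXT, sPassword TEXT)")
    conn.executemany("INSERT INTO x_User VALUES (?, ?, ?)", SAMPLE_USERS)
    return conn


def vulnerable_confirm(conn, uid, password):
    """Same construction as user_confirm.asp: id concatenated unquoted into a
    numeric comparison, _pass concatenated inside single quotes."""
    sql = ("select A.* from x_User A Where A.idUser =" + uid +
           " AND A.sPassword = '" + password + "'")
    return conn.execute(sql).fetchall()


def vulnerable_login(conn, user, password):
    """Same construction as Check_Login in login.asp: both values quoted, both
    concatenated straight into the statement."""
    sql = ("SELECT * FROM x_User WHERE sCode ='" + user +
           "' AND sPassword='" + password + "' ")
    return conn.execute(sql).fetchall()


def safe_confirm(conn, uid, password):
    """Parameterized equivalent of user_confirm.asp. The id is validated as an
    integer first, since it sits in a numeric comparison; the password is
    bound as a value, never spliced into the SQL text."""
    try:
        uid_int = int(uid)
    except ValueError:
        return []
    sql = "select A.* from x_User A Where A.idUser = ? AND A.sPassword = ?"
    return conn.execute(sql, (uid_int, password)).fetchall()


def safe_login(conn, user, password):
    """Parameterized equivalent of Check_Login."""
    sql = "SELECT * FROM x_User WHERE sCode = ? AND sPassword = ?"
    return conn.execute(sql, (user, password)).fetchall()


if __name__ == "__main__":
    db = make_db()
    # Tautology appended through the password: the OR applies to the whole
    # WHERE, so every row comes back regardless of id.
    print(vulnerable_confirm(db, "1", "wrong' OR '1'='1"))
    # Unquoted numeric id: no quote needed, a comment marker drops the rest.
    print(vulnerable_confirm(db, "1 OR 1=1 --", "x"))
    # Closing the quote in the user name comments out the password check.
    print(vulnerable_login(db, "admin' --", "x"))
    # The parameterized forms treat the same payloads as literal strings.
    print(safe_confirm(db, "1", "wrong' OR '1'='1"))
    print(safe_login(db, "admin' --", "x"))
```

In classic ASP the equivalent of the parameterized calls is an ADODB.Command with `cmd.Parameters.Append cmd.CreateParameter(...)` per value and `?` placeholders in `cmd.CommandText`, instead of building the statement with `&`. The `--` comment payloads depend on the backend accepting that comment syntax; the quote-closing tautology payload does not.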