ASPSiteWare Contact Directory 1.0 - SQL Injection

Author: R4dc0re
type: webapps
platform: asp
port: 
date_added: 2010-12-04 
date_updated: 2010-12-04 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 

# Author: R4dc0re
# Exploit Title: ASPSiteware Contact Directory SQL injection Vulnerability
# Date: 04-12-2010
# Vendor or Software Link: www.aspsiteware.com
# Category:WebApp
#Version:1.0
#Price:40$
#Contact: R4dc0re@yahoo.fr
#Website: www.1337db.com
#Greetings to: R0073r(1337db.com), L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members

Submit Your Exploit at Submit@1337db.com

########################################################################################
[Product Detail]

Contact Directory is an application that allows you to set up and share contacts online.
Great for a club or organization web site or for personal use.
Backend by Access database, Contact Directory can store thousands of names and contact information
in alphabetical categories.

[Vulnerability]

SQL Injection:
http://server/Directory/type.asp?iType=[Code]
########################################################################################