This is a writeup describing a SQL injection vulnerability in ASPSiteware Gallery 1.0. The vulnerability allows an attacker to inject malicious SQL code via the 'iType' parameter in the 'type.asp' page.
Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target:ASPSiteware Gallery 1.0
No auth needed
Prerequisites:Access to the vulnerable web application