Product : LDF
vendor : www.ldf.22.cn
Vulnerable Versions : All
Default.asp Page has an issue on validating "Page" parameter , It could be
exploited by attacker & attacker can inject arbitrary Sql Commands
http://www.example.com/[ldf path]/default.asp?page=[SQL COMMAND]
Product Name : Oblog System
Vendor : www.oblog.cn
Oblog XSS valnerability (in err.asp page)
example : http://example/oblog/err.asp?message=XSS
Product : Lootan System
vendor : www.kedor.cn
vulnerable versions : RC1 & prior
example :
http://example/ly/login.asp?username=[SQL Command]
Product : LDF
vendor : www.ldf.22.cn
LDF Sql injection vulnerability (in login.asp page) =>
example :
http://example/[ldf path]/login.asp?user=[SQL COMMAND]
