info
discussion
exploit
solution
references
Brooky CubeCart SQL Injection Vulnerability
An exploit is not required. An example URI sufficient to exploit this vulnerability was provided:
http://www.example.com/store/index.php?cat_id=1 or 1=1
Privacy Statement
Copyright 2010, SecurityFocus
