• info
• discussion
• exploit
• solution
• references

CartWIZ SearchResults.ASP IDCategory Argument SQL Injection Vulnerability

No exploit is required.

The following proof of concept is available:
http://www.example.com/store/searchResults.asp?name=&idCategory=[SQL]&sku=&priceFrom=0&priceTo=9999999999&validate=1