BugTraq
Back to list
|
Post reply
ASPintranet SQL Injection
Nov 15 2006 04:18AM
Advisory Aria-security net
#Aria-Security Team Advisory
#<www.Aria-security.Com For English >
#<www.Aria-Security.net For Persian >
#Original Advisory : http://aria-security.net/advisory/ecommercekit.txt
#-----------------------------------------------------------
#Software: UStore | E-Commerce Kit 2
#Vendor: http://www.sitesoutlet.com/
#Method : SQL Injection
#
#PoC:
#http://target/[path]/viewDetails.asp?pid=[HERE]
#http://target/[path]/viewDetails.asp?catalog.asp?sid=[HERE]
#
#Contact: Advisory (at) aria-security (dot) net [email concealed]
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
#<www.Aria-security.Com For English >
#<www.Aria-Security.net For Persian >
#Original Advisory : http://aria-security.net/advisory/ecommercekit.txt
#-----------------------------------------------------------
#Software: UStore | E-Commerce Kit 2
#Vendor: http://www.sitesoutlet.com/
#Method : SQL Injection
#
#PoC:
#http://target/[path]/viewDetails.asp?pid=[HERE]
#http://target/[path]/viewDetails.asp?catalog.asp?sid=[HERE]
#
#Contact: Advisory (at) aria-security (dot) net [email concealed]
[ reply ]