Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Bugtraq
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerabil

from [john] Network Security [Permanent Link]
Subject: RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability
Date: 29 May 2007 18:43:26 -0000 
SalesCart Shopping Cart - SQL Injection Vulnerability

SalesCart does not sanitize any forms in cgi-bin/reorder2.asp, allowing an 
attacker to inject arbitrary SQL queries, as well as possible command execution.

Google d0rk: "Sorry, you have no Items in your Shopping Cart !" 
inurl:cgi-bin/view1.asp
Vulnerable Variable: All forms in reorder2.asp
Vulnerable File: cgi-bin/reorder2.asp (password: x' OR 'x'='x)
Vendor Status: Notified multiple times, no response. Possible silent patch.

John Martinelli
john@martinelli.com

RedLevel Security
RedLevel.org

May 30th, 2007
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • RedLevel Advisory #23 - SalesCart Shopping Cart SQL Injection Vulnerability, john <=
Previous by Date:  Re: Mac OS X vpnd local format string, lists
Next by Date:  Apache httpd vulenrabilities, Blazej Miga
Previous by Thread:  [MajorSecurity Advisory #48]eggblog - Session fixation Issue, admin
Next by Thread:  Apache httpd vulenrabilities, Blazej Miga
Indexes:  [Date] [Thread] [Top] [All Lists]