Information security
From: laurent gaffié <saps.audit_(at)_gmail.com>
Date: 14 November 2006
Subject: Mega Mall [ multiples injection sql & full path disclosure ]

vendor site: http://products.kaonsoftwares.com/
product: mega-mall
bug:injection sql & full path disclosure
language: asp
risk: high

injection sql (get):
http://site.com/mega-mall/product_review.php?t=[sql]
http://site.com/mega-mall/product_review.php?t=0&productId=[sql]
http://site.com/mega-mall/product_review.php?t=0&productId=1004&sk=[sql]

http://site.com/mega-mall/product_review.php?t=0&productId=1004&t=0&x=[sql]
http://site.com/mega-mall/product_review.php?t=0&productId=1004&sk=USERID&so=[sql]

injection sql (post) :
http://site.com/mega-mall/order-track.php
Variables:
/mega-mall/order-track.php?Enter=1&orderNo=[sql]

full path disclosure:
http://site.com/mega-mall/product_review.php?t=0&productId=1004&t=0&x[]=


laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: [email protected]
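The advisory above names the vulnerable scripts and parameters but gives no detection guidance. The following is an added example (not part of the advisory or of the Mega Mall product) that scans combined-format web access log lines for requests to the two listed endpoints whose advisory-listed parameters carry SQL-injection indicators, or the `x[]=` array-parameter probe that triggers the full path disclosure. The log format, the indicator patterns, the assumption that `t` and `productId` are numeric, and the sample log lines are all constructed for this example.

```python
"""Detect probes against the Mega Mall endpoints named in the advisory.

Added example: scans combined-format access log lines for requests to
product_review.php and order-track.php whose advisory-listed parameters
carry SQL-injection indicators, or the x[]= array-parameter probe that
triggers the full path disclosure. Log format, patterns and sample lines
are constructed for this example.
"""
import re
from urllib.parse import urlsplit, parse_qsl

# Endpoints and the parameters the advisory lists for each one.
WATCHED = {
    "/mega-mall/product_review.php": {"t", "productId", "sk", "so", "x"},
    "/mega-mall/order-track.php": {"Enter", "orderNo"},
}

# Assumption: these parameters only ever carry integers (t=0, productId=1004
# in the advisory), so any non-numeric value is itself worth flagging.
NUMERIC = {"t", "productId"}

# Indicators that a value is tampering with an SQL statement. Constructed and
# deliberately small; a production rule set needs tuning for false positives.
SQLI_PATTERNS = [
    re.compile(r"\b(or|and)\s+[\w']+\s*=\s*[\w']+", re.I),    # boolean probes (1=1)
    re.compile(r"\bunion\b.{0,40}\bselect\b", re.I),          # UNION SELECT
    re.compile(r"\b(sleep|benchmark|waitfor)\b", re.I),       # time-based probes
    re.compile(r"(--|/\*)"),                                  # comment terminators
    re.compile(r"'\s*;"),                                     # statement stacking
]

# Combined log format: ip - - [time] "METHOD target HTTP/x" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def classify_value(name, value):
    """Return a finding label for one decoded parameter value, or None."""
    if name.endswith("[]"):
        # PHP turns x[]= into an array; the advisory reports this leaks the
        # script's filesystem path in the resulting error message.
        return "array-param probe (full path disclosure)"
    for pat in SQLI_PATTERNS:
        if pat.search(value):
            return "sql-injection indicator"
    if name in NUMERIC and not value.isdigit():
        return "non-numeric value in numeric parameter"
    return None


def analyze_request(target):
    """Inspect one request target; return a list of (param, finding) tuples."""
    parts = urlsplit(target)
    params = WATCHED.get(parts.path)
    if params is None:
        return []
    findings = []
    # parse_qsl percent-decodes values, so patterns run on the decoded form.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        base = name[:-2] if name.endswith("[]") else name
        if base not in params:
            continue
        label = classify_value(name, value)
        if label:
            findings.append((name, label))
    return findings


def scan_log(text):
    """Return (ip, target, findings) for every log line with at least one finding."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        findings = analyze_request(m.group("target"))
        if findings:
            hits.append((m.group("ip"), m.group("target"), findings))
    return hits


# Constructed sample log: one benign request, three probes, a POST, an unrelated page.
SAMPLE_LOG = """\
203.0.113.5 - - [14/Nov/2006:10:01:12 +0000] "GET /mega-mall/product_review.php?t=0&productId=1004 HTTP/1.1" 200 5120
203.0.113.5 - - [14/Nov/2006:10:01:15 +0000] "GET /mega-mall/product_review.php?t=0&productId=1004%27%20and%201%3D1-- HTTP/1.1" 200 5120
203.0.113.5 - - [14/Nov/2006:10:01:19 +0000] "GET /mega-mall/product_review.php?t=0&productId=1004&sk=USERID&so=1%20union%20select%201,2,3 HTTP/1.1" 500 612
203.0.113.5 - - [14/Nov/2006:10:01:23 +0000] "GET /mega-mall/product_review.php?t=0&productId=1004&t=0&x[]= HTTP/1.1" 200 3044
198.51.100.7 - - [14/Nov/2006:10:02:01 +0000] "POST /mega-mall/order-track.php HTTP/1.1" 200 2210
198.51.100.7 - - [14/Nov/2006:10:02:05 +0000] "GET /mega-mall/index.php?page=2 HTTP/1.1" 200 8800
"""

if __name__ == "__main__":
    for ip, target, findings in scan_log(SAMPLE_LOG):
        print(ip, target, findings)
```

The POST vector on order-track.php (`orderNo`) is not visible in a standard access log, since only the request line is recorded; catching it needs request-body logging or a WAF in front of the application. The only durable fix is in the application itself: every listed parameter should reach the database through a parameterized query, and display_errors should be off so that malformed input cannot reveal the filesystem path.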

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod