eShopping SQL Injection
Date: 13 Nov 2006 23:56:17 -0000
From: [email protected]
To: [email protected]
Subject: eShopping SQL Injection
X-Virus-Scanned: antivirus-gw at tyumen.ru
#Aria-Security Team Advisory
#<www.Aria-security.Com For English >
#<www.Aria-Security.net For Persian >
#Original Advisory : http://aria-security.net/advisory/ecommercestore.txt
#-----------------------------------------------------------
#Software: E Commerce Store Shop Builder
#Method : SQL Injection
#
#PoC:
#http://target/path/fulldetails.asp?brand=&idcategory=&scata=&idProduct=[SQL INJECTION]
#http://target/path/categories.asp?id=[SQL INJECTION]
#
#Contact: [email protected]
