Bugtraq mailing list archives
Midicart sql injection
From: crazy frog crazy frog <i.m.crazy.frog () gmail com>
Date: Sat, 12 Nov 2005 23:35:02 +0530
Midicart sql injection
==================

product description (from site):
==================
MidiCart is a Try-Before-You-Buy Shopping Cart Software that provides all you need to create, operate, and maintain a professional Internet shop. MidiCart ASP and PHP Shopping Cart is an extremely easy to use, flexible, powerful and affordable e-commerce solution for your web site.

details:
=======
There exists a vulnerable query string in the search_list.asp file, which is vulnerable to SQL injection attack. An attacker can run any arbitrary query.

How to determine:
=================
Enter the following query into the search box:

1' union select * from products'

This will list all the products. It means the installation is vulnerable.

workaround:
===========
Sanitize the input supplied. It is stored in a variable named "searchstring".

--
ting ding ting ding ting ding ting ding ting ding ding
i m crazy frog :)
"oh yeah oh yeah... another wannabe, in hackerland!!!"
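The mechanics behind the report above, as an added example that is not part of the original post and is not MidiCart's code. The real search_list.asp is not reproduced; the example assumes a hypothetical query shape (a LIKE clause with the search box value concatenated into the SQL text) and uses constructed sample tables in SQLite. It shows the vulnerable concatenation beside a parameterised version, the advisory's own detection check (a term that should match nothing returns the whole product list), and, going beyond the post, a second payload that reads an unrelated table, which is what "run any arbitrary query" means in practice. The payloads use a `--` comment to discard the rest of the statement; the advisory's payload instead closes the quote with a trailing `'`, but the idea is the same.

```python
import sqlite3

# Constructed sample data (not taken from the original post or from MidiCart).
PRODUCTS = [(1, "Guitar", 299.0), (2, "Drum kit", 849.0), (3, "Microphone", 99.0)]
CUSTOMERS = [(1, "alice@example.com", "s3cret"), (2, "bob@example.com", "hunter2")]

# Payload in the spirit of the advisory: close the string, UNION in a query with the
# same column count, comment out the rest. The first lists every product; the
# second (beyond the post) pulls rows from a table the search page never touches.
UNION_ALL_PRODUCTS = "zzz' UNION SELECT id, name, price FROM products --"
UNION_CUSTOMERS = "zzz' UNION SELECT id, email, password FROM customers --"


def make_db():
    """In-memory database with two constructed tables."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER, name TEXT, price REAL)")
    conn.execute("CREATE TABLE customers (id INTEGER, email TEXT, password TEXT)")
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)", PRODUCTS)
    conn.executemany("INSERT INTO customers VALUES (?, ?, ?)", CUSTOMERS)
    return conn


def search_vulnerable(conn, searchstring):
    """Hypothetical reconstruction of the flawed pattern: the search box value is
    spliced into the SQL text, so quotes and keywords in it are parsed as SQL."""
    sql = ("SELECT id, name, price FROM products WHERE name LIKE '%"
           + searchstring + "%'")
    return conn.execute(sql).fetchall()


def search_safe(conn, searchstring):
    """The fix: bind the value as a parameter. The driver sends it as data, so a
    quote or UNION inside it can only ever be compared against product names."""
    sql = "SELECT id, name, price FROM products WHERE name LIKE ?"
    return conn.execute(sql, ("%" + searchstring + "%",)).fetchall()


def detect(search_fn, conn):
    """The advisory's check: a term that matches no product name should return
    nothing; if the whole catalogue comes back, the input reached the SQL parser."""
    return len(search_fn(conn, UNION_ALL_PRODUCTS)) == len(PRODUCTS)


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, 'gui':     ", search_vulnerable(db, "gui"))
    print("vulnerable, union:     ", search_vulnerable(db, UNION_ALL_PRODUCTS))
    print("vulnerable, customers: ", search_vulnerable(db, UNION_CUSTOMERS))
    print("safe, 'gui':           ", search_safe(db, "gui"))
    print("safe, union:           ", search_safe(db, UNION_ALL_PRODUCTS))
    print("injectable? vulnerable:", detect(search_vulnerable, db),
          " safe:", detect(search_safe, db))
```

The parameterised version still lets a user supply `%` and `_`, which are LIKE wildcards; that affects only which product names match and is a separate concern from injection, handled with an ESCAPE clause if it matters. Blacklisting quotes, as "sanitize the input" is often read, is weaker than binding: the fix that actually holds is to never let the value become part of the statement text.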
Current thread:
- Midicart sql injection crazy frog crazy frog (Nov 14)
- <Possible follow-ups>
- Re: Midicart sql injection [at] (Nov 15)