A-Cart Pro suffers from a SQL injection vulnerability.
2b0ad31b786c3e3213c2862150bc5276a9ce13ec5810d2ec231f3cda6ac92005
vendor site:http://www.alanward.net/
product:A-Cart pro
bug:injection sql
risk:medium
injection sql (get) :
/category.asp?catcode='[sql]
/product.asp?productid='[sql]
injection sql (post) :
http://site.com/search.asp
Variables:
/search.asp?search='[sql]
( or just post your query in the search engine ... )
laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit@gmail.com