Cs-Cart 2.2.1 SQL Injection

2011.09.02
Credit: Net.Edit0r
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

__________.__ __ ___ ___ \______ \ | _____ ____ | | __ / | \ ____ | | _/ | \__ \ _/ ___\| |/ / ______ / ~ \/ ___\ | | \ |__/ __ \\ \___| < /_____/ \ Y / /_/ > |______ /____(____ /\___ >__|_ \ \___|_ /\___ / \/ \/ \/ \/ \//_____/ .ORG ################################################### [-] Exploit Title: Cs-Cart Ver 2.2.1 [products.php] Sql Injection Vulnerability [-] Author: Net.Edit0r [-] Home : Black-HG.Org [-] Version: 2.2.1 [-] Software Link: http://dl.p30vel.ir/CS-Cart.v2.2.1.Multi-Vendor.PHP.NULL-DGT.zip [-] Email : Black.hat.tm[at]Gmail[dot]Com / Net.Edit0r[at]att[dot]net [-] Date : 30/08/2011 [-] CVE : N/A ################################################## # | Exploit : # | http://127.0.0.1/controllers/customer/products.php?tabs_group_id=[SQL INJECT] ################################################## # | Greetz : # | A.Cr0x & 3H34N & 4m!n & Cyrus & tHe.k!ll3r & Mr.XHat & Mikili ################################################## magic_quotes_gpc :: Off ################################################## I Love Iran And All Iranian People ##################################################

References:

http://dl.p30vel.ir/CS-Cart.v2.2.1.Multi-Vendor.PHP.NULL-DGT.zip


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top