E-SMART CART productdetail.asp product_id SQL Injection

2007-01-04T07:03:58
ID OSVDB:31679
Type osvdb
Reporter OSVDB
Modified 2007-01-04T07:03:58

Description

Manual Testing Notes

http://[target]/[path]//productdetail.asp?p=1&subcat_id=-1&category_id=-1&product_id=[SQL]

References:

Secunia Advisory ID:23610 Other Advisory URL: http://www.milw0rm.com/exploits/3074 ISS X-Force ID: 31243 FrSIRT Advisory: ADV-2007-0036 CVE-2007-0092