midicartSQL.txt

2005-11-15T00:00:00
ID PACKETSTORM:41523
Type packetstorm
Reporter crazy frog
Modified 2005-11-15T00:00:00

Description

MidiCart SQL injection
======================
  
Product description (from site):-  
================================  
MidiCart is a Try-Before-You-Buy Shopping Cart Software that provides  
all you need to create, operate, and maintain a professional Internet  
shop. MidiCart ASP and PHP Shopping Cart is an extremely easy to use,  
flexible, powerful and affordable e-commerce solution for your web  
site.  
  
Details:-  
========  
The query string handled by the search_list.asp file is vulnerable to  
SQL injection: the search term supplied by the user is placed into the  
SQL statement without sanitization, so an attacker can run arbitrary  
queries against the shop database.  
  
How to determine:-  
=================  
Enter the following into the search box:-  
1' union select * from products'  
If this lists all the products, the search term reached the database as  
SQL and the installation is vulnerable.  
  
Workaround:-  
===========  
Sanitize the supplied input. It is stored in a variable named "searchstring".  
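The following is an added example, not MidiCart's code, showing the flaw described under Details and the test payload from How to determine side by side with the fix the Workaround calls for. The query shape (a LIKE pattern built by string concatenation from "searchstring") and the three-column products table are assumptions, constructed here so the example runs offline against an in-memory SQLite database; the real search_list.asp query is not on this page.

```python
"""Added example (not MidiCart code): a search query built by string
concatenation, as the advisory describes for search_list.asp, beside a
parameterized version. Query shape and table layout are assumed."""
import sqlite3

# Constructed sample data standing in for the shop's products table.
PRODUCTS = [
    (1, "Widget", 9.99),
    (2, "Gadget", 19.99),
    (3, "Gizmo", 4.50),
]

# Payload taken verbatim from the advisory's "How to determine" section.
ADVISORY_PAYLOAD = "1' union select * from products'"


def make_db():
    """Create an in-memory database with a constructed products table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE products (id INTEGER, name TEXT, price REAL)")
    conn.executemany("INSERT INTO products VALUES (?, ?, ?)", PRODUCTS)
    conn.commit()
    return conn


def rendered_statement(searchstring):
    """The SQL text the vulnerable version sends (assumed query shape)."""
    return "SELECT * FROM products WHERE name LIKE '%" + searchstring + "%'"


def search_vulnerable(conn, searchstring):
    """Vulnerable: the search term is pasted into the statement text, so a
    quote in the input ends the LIKE literal and the rest becomes SQL.
    With the advisory's payload the UNION returns every product row."""
    return conn.execute(rendered_statement(searchstring)).fetchall()


def search_fixed(conn, searchstring):
    """Fixed: the whole input is bound as one value for the LIKE pattern
    and is never interpreted as part of the statement."""
    sql = "SELECT * FROM products WHERE name LIKE ?"
    return conn.execute(sql, ("%" + searchstring + "%",)).fetchall()


if __name__ == "__main__":
    db = make_db()
    print(rendered_statement(ADVISORY_PAYLOAD))
    print("vulnerable:", search_vulnerable(db, ADVISORY_PAYLOAD))
    print("fixed:     ", search_fixed(db, ADVISORY_PAYLOAD))
```

Printing the rendered statement makes the mechanism visible: the payload's first quote closes the pattern literal, the injected UNION pulls back the whole table, and the trailing quote absorbs the quote the template appends. Binding the value as a parameter removes the problem entirely, which is a more reliable fix than trying to strip or escape dangerous characters from "searchstring" by hand.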
  
--  
ting ding ting ding ting ding  
ting ding ting ding ding  
i m crazy frog :)  
"oh yeah oh yeah...  
another wannabe, in hackerland!!!"  