[HSC Security Group] SQL Injection in Product Cart 2.6

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [HSC Security Group] SQL Injection in Product Cart 2.6
From: zinho@xxxxxxxxxxxxxxxxx
Date: 30 Jul 2005 11:54:10 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Hackers Center Security Group (http://www.hackerscenter.com/)          
Zinho's Security Advisory           

Desc: SQL Injection in Product Cart 2.6 
Risk: Medium to High

An SQL injection affects Product Cart 2.6. Database Manipulation is possible.

viewPrd.asp?idcategory='

Vendor: http://www.earlyimpact.com/
"Our ecommerce software is used all over the world to build and manage 
professional Internet stores. As one of the most comprehensive ecommerce 
systems available today, ProductCart combines a long list of features with 
intuitive management tools that make it easy for anyone to build and manage 
their online storefront."


We are looking for security researchers into web application security field to 
join our crew. If you're interested get in contact with Zinho at
zinho@xxxxxxxxxxxxxxxxx

Prev by Date: Trillian Ver 3.1 saves password's in plain Text
Next by Date: RO CP root exploit
Previous by thread: Re: Trillian Ver 3.1 saves password's in plain Text
Next by thread: RO CP root exploit
Index(es):
- Date
- Thread