Vendor: N/A
By: Th3 RDX
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: N/A
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Demo Site
2010

MooreAdvice (productlist.asp) SQL Injection Vulnerability

MooreAdvice is vulnerable to SQL injection via the 'CatID' parameter of the 'productlist.asp' and 'productdetail.asp' pages. The raw advisory below also lists the 'id' parameter of 'newsdetail.asp'. An attacker can inject arbitrary SQL code through these parameters and have it executed against the underlying database.

Mitigation:

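Input validation should be applied to the 'CatID' and 'id' parameters before they reach the database; building the queries with bound parameters instead of string concatenation removes the injection point itself.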
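
The input validation recommended above, as an added Python example that is not from the advisory or the product: it allow-lists the ID parameters named on this page as plain decimal integers and reuses the same check to flag non-conforming requests in web-server logs. The log layout, the sample lines and the assumption that every ID is a small positive integer are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Pages and parameters named in the advisory (matched case-insensitively,
# since the advisory spells the page both "productdetail" and "Productdetail").
ID_PARAMS = {
    "productlist.asp": {"catid"},
    "productdetail.asp": {"catid", "id", "parent"},
    "newsdetail.asp": {"id"},
}
NUMERIC_ID = re.compile(r"[0-9]{1,9}")  # assumption: IDs are small positive integers


def validate_id(raw):
    """Return the value as an int, or None if it is not a plain decimal ID."""
    return int(raw) if NUMERIC_ID.fullmatch(raw) else None


def suspicious_params(url):
    """List (param, value) pairs on a listed page whose value fails validation."""
    parts = urlsplit(url)
    page = parts.path.rsplit("/", 1)[-1].lower()
    watched = ID_PARAMS.get(page, set())
    return [(k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
            if k.lower() in watched and validate_id(v) is None]


def scan_log(lines):
    """Yield (client_ip, url, findings) for W3C-style lines with bad ID values."""
    for line in lines:
        if line.startswith("#"):
            continue
        fields = line.split()
        # constructed layout: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status
        ip, stem, query = fields[2], fields[4], fields[5]
        url = stem if query == "-" else f"{stem}?{query}"
        findings = suspicious_params(url)
        if findings:
            yield ip, url, findings


# Constructed sample log lines (not from the page).
SAMPLE_LOG = [
    "#Fields: date time c-ip cs-method cs-uri-stem cs-uri-query sc-status",
    "2010-07-01 10:00:01 192.0.2.10 GET /MooreAdvice/productlist.asp CatID=4 200",
    "2010-07-01 10:00:05 192.0.2.77 GET /MooreAdvice/productlist.asp CatID=4%27 500",
    "2010-07-01 10:00:09 192.0.2.77 GET /newsdetail.asp id=16+or+1%3D1 200",
    "2010-07-01 10:00:12 192.0.2.10 GET /Productdetail.asp id=37&parent=1 200",
]
```

The same `validate_id` check belongs in the request handler itself, rejecting the request before any query is built; the log scan only shows where non-numeric values have already been sent.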

Exploit-DB raw data:

# Exploit Title: MooreAdvice (productlist.asp) SQL injection Vulnerable
# Date: 1-07-2010
# Author: Th3 RDX
# Software Link:
# Version: n/a
# Tested on: Demo Site
# category: webapp
# Code : n/a
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 L0v3 To: R00T, R45c4l, Agent: 1c3c0ld, Big Kid, Lucky, r0073r(inj3ct0r.com),
                          Nishi (br0wn_sug4r)
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
   RooT Bro waiting for u to come online desperately and missing you alot :(
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
       Gr33tz to ### Team I.C.A | www.IndiShell.in | Team I.C.W ###
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

##############################################################################
%//

----- [ Founder ] -----

        Th3 RDX

----- [ E - mail ] -----

    th3rdx@gmail.com


                                                        %\\
##############################################################################

##############################################################################
%//

----- [Title] -----

MooreAdvice (productlist.asp) Sql injection Vulnerable

----- [ Vendor ] -----

http://www.mooreadvice.com/

                                                        %\\
##############################################################################

##############################################################################
%//

----- [ Injection (s) ] -----

----- [ SQL Injection ] -----

Put [SQL CODE]

[Link] http://server/MooreAdvice/productlist.asp?CatID=[SQL CODE]

[Link] http://server/MooreAdvice/productdetail.asp?CatID=[SQL CODE]

[Link] http://server/MooreAdvice/newsdetail.asp?id=[SQL CODE]


                                                        %\\
##############################################################################

##############################################################################
%//

              >>>>>> TESTED ON <<<<<<

----- [ Live Link (s) ] -----

[SQLi] http://<server>/newsdetail.asp?id=16[CODE]

[SQLi] http://<server>/Productdetail.asp?id=37&parent=1[CODE]


                                                        %\\
##############################################################################

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
  Thanks To All: www.Exploit-db.com | Inj3ct0r Team | www.hack0wn.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=> PROUD TO BE AN INDIAN

=> c0d3 for motherland, h4ck for motherland

==> i'm little more than useless <==
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>.

Bug discovered : 1 July 2010

finish(0);
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

#End 0Day#