Ecommercemax Solutions Digital Goods Seller – SQL Injection

• Exploit Database
• 11 阅读

• 作者： R4dc0re
  日期： 2010-12-05
• 类别：

  • webapps
  平台：

  • asp
• 来源：https://www.exploit-db.com/exploits/15687/

• # Author: R4dc0re
  # Exploit Title:Ecommercemax Solutions Digital good seller Sql Injection Vulnerablity 
  # Date: 05-12-2010
  # Vendor or Software Link:http://www.ecommercemax.com/
  # Category:WebApp
  # Version:1.5
  # Price:60$
  # Contact: R4dc0re@yahoo.fr
  # Website: www.1337db.com
  # Greetings to: R0073r(1337db.com), L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members
  
  Submit Your Exploit at Submit@1337db.com
  
  ########################################################################################
  [Product Detail]
  
  DGS auto-fulfills the orders by sending a download code, password and 
  download link to your customers instantly. 
  They get the goods, you get the cash! All these happening w/out you lifting a finger. 
  Sell e-books, e-zines, Flash, digital arts, ringtones... Code: ASP 2.0 & VBScript
  
  [Vulnerability]
  
  SQL Injection:
  
  http://server/shoppingcart.asp?d=[Code]
  ########################################################################################