ThisisLegal.com

ThisisLegal Forums


#1 2009-04-28 01:37:49

Timse
Member
Registered: 2009-02-08
Posts: 18

VP-ASP Shopping Cart v.6.09 Multiple Vulnerabilities

Hello, I ran Acunetix and found:

VP-ASP Shopping Cart v.6.09 Multiple Vulnerabilities
Vulnerability description
1. Input passed to the "LoginLastname" parameter in "shopgiftregsearch.asp" isn't properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

2. Input passed to the "msg" parameter in "shopcustadmin.asp" isn't properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Confirmed in version 6.09. Other versions may also be affected.
Affected items
/shopcustadmin.asp

The impact of this vulnerability
The remote attacker can include arbitrary files from local resources or manipulate SQL queries by injecting arbitrary SQL code, or execute arbitrary HTML and script code in a user's browser session in context of an affected site.


I need help to SQL-inject it.
Anyone good at SQL injection?

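An added illustration of the flaw class Acunetix describes in point 1 above; this is not code from VP-ASP, from the milw0rm entry, or from anyone in this thread. It puts a lookup that pastes the submitted last name straight into the SQL text next to the parameterised form, and goes one step beyond the scan output by adding the boolean differential check a tester uses to confirm that input is reaching the query as SQL. The table, rows and function names are constructed for the demo; the hypothetical `lastname` argument only plays the role of the `LoginLastname` parameter, and VP-ASP's real schema and query are not on this page.

```python
import sqlite3

# Constructed stand-in for a shop's customer table; not VP-ASP's schema.
SAMPLE_ROWS = [
    ("Smith", "smith@example.com"),
    ("Jones", "jones@example.com"),
    ("Brown", "brown@example.com"),
]


def make_db():
    """Build an in-memory SQLite database holding the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE customers (id INTEGER PRIMARY KEY, lastname TEXT, email TEXT)"
    )
    conn.executemany(
        "INSERT INTO customers (lastname, email) VALUES (?, ?)", SAMPLE_ROWS
    )
    return conn


def search_concat(conn, lastname):
    """Lookup built by string concatenation: the input becomes part of the SQL
    syntax. This is the flaw class the scanner reports ("not properly sanitised
    before being used in a SQL query"); the argument stands in for LoginLastname."""
    sql = "SELECT lastname, email FROM customers WHERE lastname = '" + lastname + "'"
    return conn.execute(sql).fetchall()


def search_param(conn, lastname):
    """Same lookup with a bound parameter: the value is data, never syntax."""
    sql = "SELECT lastname, email FROM customers WHERE lastname = ?"
    return conn.execute(sql, (lastname,)).fetchall()


def boolean_probe(search, conn, known="Smith"):
    """Differential check a tester runs to confirm injection without relying on
    an error message: append a true and a false tautology to a value known to
    match; if the two result counts differ, the input is being evaluated as SQL."""
    rows_true = search(conn, known + "' AND '1'='1")
    rows_false = search(conn, known + "' AND '1'='2")
    return len(rows_true) != len(rows_false)


if __name__ == "__main__":
    db = make_db()
    # Concatenated query: the tautology returns every customer.
    print("concat, tautology :", search_concat(db, "x' OR '1'='1"))
    # Parameterised query: no customer has that literal last name, so nothing.
    print("param,  tautology :", search_param(db, "x' OR '1'='1"))
    print("concat injectable :", boolean_probe(search_concat, db))   # True
    print("param  injectable :", boolean_probe(search_param, db))    # False
```

The probe is the useful part when a published PoC "does not work": a payload can fail for reasons unrelated to the bug (wrong path, quoting, encoding), whereas comparing the responses to the `'1'='1` and `'1'='2` variants tells you whether the parameter is reaching the query as SQL at all. Note that `sqlite3` refuses stacked statements, so the demo exercises only tautology and boolean payloads.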

#2 2009-04-28 05:24:32

t0mmy9
Administrator
Registered: 2005-01-07
Posts: 21

Re: VP-ASP Shopping Cart v.6.09 Multiple Vulnerabilities

You should check milw0rm; they have a great list of popular vulnerabilities. Here is the one you seem to be looking for, with a PoC:

http://milw0rm.com/exploits/3115


Site admin


#3 2009-04-28 05:35:51

Timse
Member
Registered: 2009-02-08
Posts: 18

Re: VP-ASP Shopping Cart v.6.09 Multiple Vulnerabilities

It does not work :(

I don't know if I am doing it right.
I could send you a link, but I am warning you: you may not like it...


#4 2009-04-28 08:38:13

t0mmy9
Administrator
Registered: 2005-01-07
Posts: 21

Re: VP-ASP Shopping Cart v.6.09 Multiple Vulnerabilities

Just make sure you have the URL correct, and try it both without and with the double forward slash:

//shopgiftregsearch.asp
/shopgiftregsearch.asp


Site admin


#5 2009-04-28 08:48:30

Timse
Member
Registered: 2009-02-08
Posts: 18

Re: VP-ASP Shopping Cart v.6.09 Multiple Vulnerabilities

I can get the XSS to work, but not the SQL.

