Gatesoft Docusafe 4.1.0 SQL Injection Vulnerability

2010-12-05 09:16:35

# Author: R4dc0re
# Exploit Title: Gatesoft Docusafe Sql Injection Vulnerablity
# Date: 05-12-2010
# Vendor or Software Link:http://gatesoft.no/
# Category:WebApp
# Version:4.1.0
# Price:3500$
# Contact: [email protected]
# Website: www.1337db.com
# Greetings to: R0073r(1337db.com), L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members

Submit Your Exploit at [email protected]

########################################################################################
[Product Detail]

Product Document Management (PDM) system special made for electronics and
or mechanical industry.
DocuSafe is used by large manufacturers in several countries.
Code: ASP 2.0 & VBScript

[Vulnerability]

SQL Injection:

http://server/ECO.asp?ECO_ID=[Code]
########################################################################################

Fixes

No fixes

In order to submit a new fix you need to be registered.