Ecommercemax Solutions Digital Goods Seller SQL Injection

2010-12-05 09:16:35

# Author: R4dc0re
# Exploit Title:Ecommercemax Solutions Digital good seller Sql Injection Vulnerablity
# Date: 05-12-2010
# Vendor or Software Link:http://www.ecommercemax.com/
# Category:WebApp
# Version:1.5
# Price:60$
# Contact: [email protected]
# Website: www.1337db.com
# Greetings to: R0073r(1337db.com), L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members

Submit Your Exploit at [email protected]

########################################################################################
[Product Detail]

DGS auto-fulfills the orders by sending a download code, password and
download link to your customers instantly.
They get the goods, you get the cash! All these happening w/out you lifting a finger.
Sell e-books, e-zines, Flash, digital arts, ringtones... Code: ASP 2.0 & VBScript

[Vulnerability]

SQL Injection:

http://server/shoppingcart.asp?d=[Code]
########################################################################################

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.