Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

Advanced Poll 2.0.7 Remote File Include Vulnerability

phpWebThings 1.5.2 (editor.php) Remote File Include Vulnerability

PHPQuickGallery <= 1.9 (textFile) Remote File Include Vulnerability

ASPNuke <= 0.80 (register. asp) Remote SQL Injection Vulnerability

From:	Advisory_(at)_Aria-Security.net <Advisory_(at)_Aria-Security.net>
Date:	20.11.2006
Subject:	A-Cart 2.0 SQL Injection

#Aria-Security Team Advisory
#<www.Aria-security.Com For English >
#<www.Aria-Security.net For Persian >
#Original Advisory: #http://www.aria-security.com/forum/showthread.php?t=31
#-----------------------------------------------------------
#Software: A-Cart 2.0
#Vendor: http://alanward.net/acart/
#Method: SQL Injection
#
#PoC:
#http://target/path/category.asp?catcode=[SQL INJECTION]
#
#
#Contact: Advisory@aria-security.net