Absolute Shopping Package Solutions Shopping Cart 多个SQL注入漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1109380 漏洞类型 SQL注入
发布时间 2005-12-03 更新时间 2006-06-09
CVE编号 CVE-2005-4003 CNNVD-ID CNNVD-200512-058
漏洞平台 ASP CVSS评分 7.5
|漏洞来源
https://www.exploit-db.com/exploits/26702
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200512-058
|漏洞详情
AbsoluteShoppingPackageSolutions(ASPS)ShoppingCartProfessional2.9d及之前版本,以及Lite2.1及之前版本存在多个SQL注入漏洞。远程攻击者可以借助(1)对adv_search.asp的srch_product_name参数和(2)b对bsearch.asp的b_search参数,执行任意SQL指令。
|漏洞EXP
source: http://www.securityfocus.com/bid/15694/info
 
ASPS Shopping Cart is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input.
 
An attacker may leverage these issues to have arbitrary script code executed in the browser of an unsuspecting user in the context of the affected site.

http://www.example.com/products/bsearch.asp?b_search=%3Cscript%3Ealert%28%27r0t%27%29%3C%2Fscript%3E&x=12&y=7
|参考资料

来源:BID
名称:15694
链接:http://www.securityfocus.com/bid/15694
来源:MISC
链接:http://pridels0.blogspot.com/2005/12/asps-shopping-cart-professional-and.html