Gatesoft Docusafe 4.1.0 - SQL Injection

EDB-ID:

15686


Author:

R4dc0re

Type:

webapps


Platform:

ASP

Date:

2010-12-05


# Author: R4dc0re
# Exploit Title: Gatesoft Docusafe Sql Injection Vulnerablity 
# Date: 05-12-2010
# Vendor or Software Link:http://gatesoft.no/
# Category:WebApp
# Version:4.1.0
# Price:3500$
# Contact: R4dc0re@yahoo.fr
# Website: www.1337db.com
# Greetings to: R0073r(1337db.com), L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members

  Submit Your Exploit at Submit@1337db.com

########################################################################################
[Product Detail]

Product Document Management (PDM) system special made for electronics and 
or mechanical industry. 
DocuSafe is used by large manufacturers in several countries.
Code: ASP 2.0 & VBScript

[Vulnerability]

SQL Injection:

http://server/ECO.asp?ECO_ID=[Code]
########################################################################################