Gatesoft Docusafe 4.1.0 - SQL Injection Vulnerability

EDB-ID: 15686 CVE: 2010-4736 OSVDB-ID: 72913
Verified: Author: R4dc0re Published: 2010-12-05
Download Exploit: Source Raw Download Vulnerable App: N/A
# Author: R4dc0re
# Exploit Title: Gatesoft Docusafe Sql Injection Vulnerablity 
# Date: 05-12-2010
# Vendor or Software Link:http://gatesoft.no/
# Category:WebApp
# Version:4.1.0
# Price:3500$
# Contact: R4dc0re@yahoo.fr
# Website: www.1337db.com
# Greetings to: R0073r(1337db.com), L0rd CrusAd3r,Sid3^effects and to rest of the 1337db members

  Submit Your Exploit at Submit@1337db.com

########################################################################################
[Product Detail]

Product Document Management (PDM) system special made for electronics and 
or mechanical industry. 
DocuSafe is used by large manufacturers in several countries.
Code: ASP 2.0 & VBScript

[Vulnerability]

SQL Injection:

http://server/ECO.asp?ECO_ID=[Code]
########################################################################################