Exploit ProductCart 1.x/2.x - Weak Cryptography

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
23702
Проверка EDB
  1. Пройдено
Автор
NICK GUDOV
Тип уязвимости
WEBAPPS
Платформа
ASP
CVE
cve-2004-2172
Дата публикации
2004-02-16
Код:
source: https://www.securityfocus.com/bid/9669/info

EarlyImpact ProductCart is reportedly prone to multiple vulnerabilities. The specific issues include SQL injection, cross-site scripting and cryptographic weaknesses. These issues could expose sensitive data such as user credentials and allow for execution of hostile script code and HTML. These issues could allow for full compromise of the software.

An attacker register new customer in store. Let the value of 'First
Name' field in registration form will be equal to
'1*2*3*4*5*6*7*8*9*10*', the value of 'Last Name ' field will be equal
to '34567', the value of 'Password' field will be equal to '111' and the
value of 'Postal Code' field will be equal to '987654'.
 
Источник
www.exploit-db.com

Похожие темы