Carefree Shopping System cookie injection 0day Vulnerability
Released on: 2010-04-18
Author: wandering wind
Affected Version: Unknown
Vulnerability description:
In fact, SQL injection appears in multiple places in the code, but in Conn.asp:
Set Conn = Nothing
Response.Write "database connection error"
Response.End
End If
%>
Open sqlcheck.asp; part of the code is as follows:
' Substring blacklist applied to the value of each parameter named in Fy_Cs
For Fy_x = 0 To UBound(Fy_Cs)
    If Fy_Cs(Fy_x) <> "" Then
        If InStr(LCase(Request(Fy_Cs(Fy_x))), "'") <> 0 Or InStr(LCase(Request(Fy_Cs(Fy_x))), "and ") <> 0 Or InStr(LCase(Request(Fy_Cs(Fy_x))), "select") <> 0 Or InStr(LCase(Request(Fy_Cs(Fy_x))), "upDate") <> 0 Or InStr(LCase(Request(Fy_Cs(Fy_x))), "chr") <> 0 Or InStr(LCase(Request(Fy_Cs(Fy_x))), "delete%20from") <> 0 Or InStr(LCase(Request(Fy_Cs(Fy_x))), ";") <> 0 Or InStr(LCase(Request(Fy_Cs(Fy_x))), "insert") <> 0 Or InStr(LCase(Request(Fy_Cs(Fy_x))), "mId") <> 0 Or InStr(LCase(Request(Fy_Cs(Fy_x))), "master.") <> 0 Then
            Response.Write "
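A mitigation for the class of bug this advisory names, as an added example that is not code from the shopping system or from the advisory's author: read the value from one named collection instead of the bare Request(name) lookup the filter above uses (which searches QueryString, Form, Cookies, ClientCertificate and ServerVariables in that order), validate it, and bind it as a query parameter instead of relying on a keyword blacklist. Conn is the connection object from Conn.asp; the "id" parameter, the ReadPositiveInt helper, and the products table and its columns are hypothetical.

```asp
<%
' Added example: hypothetical product lookup, not part of the original application.
Const adCmdText = 1      ' ADO CommandTypeEnum
Const adInteger = 3      ' ADO DataTypeEnum
Const adParamInput = 1   ' ADO ParameterDirectionEnum

' Returns the value as a Long, or -1 if it is not 1 to 9 ASCII digits.
' The length limit keeps CLng from overflowing.
Function ReadPositiveInt(raw)
    Dim i, ch
    ReadPositiveInt = -1
    If Len(raw) = 0 Or Len(raw) > 9 Then Exit Function
    For i = 1 To Len(raw)
        ch = Mid(raw, i, 1)
        If ch < "0" Or ch > "9" Then Exit Function
    Next
    ReadPositiveInt = CLng(raw)
End Function

Dim productId, cmd, rs

' Name the collection explicitly. A cookie called "id" is never consulted here,
' whereas Request("id") would return it when the query string and form lack "id".
productId = ReadPositiveInt(Request.QueryString("id") & "")
If productId < 0 Then
    Response.Status = "400 Bad Request"
    Response.End
End If

' Bind the value as a typed parameter; it is never concatenated into the SQL text.
Set cmd = Server.CreateObject("ADODB.Command")
Set cmd.ActiveConnection = Conn
cmd.CommandType = adCmdText
cmd.CommandText = "SELECT name, price FROM products WHERE id = ?"
cmd.Parameters.Append cmd.CreateParameter("@id", adInteger, adParamInput, , productId)
Set rs = cmd.Execute

If Not rs.EOF Then
    Response.Write Server.HTMLEncode(rs("name") & "")
End If
rs.Close
Set rs = Nothing
Set cmd = Nothing
%>
```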