SpiderSales Shopping Cart Multiple Vulnerabilities

Vulnerability ID: 1107768 Vulnerability type: SQL injection
Published: 2004-03-03 Updated: 2005-10-20
CVE ID: CVE-2004-0348
CNNVD-ID: CNNVD-200411-043
Platform: ASP CVSS score: 10.0
|Vulnerability Source
https://www.exploit-db.com/exploits/23791
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200411-043
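|Vulnerability Details
The viewCart.asp script in the SpiderSales shopping cart software contains an SQL injection vulnerability. A remote attacker can execute arbitrary SQL via the userId parameter.
|Exploit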
source: http://www.securityfocus.com/bid/9799/info

Multiple vulnerabilities have been identified in the application that may allow an attacker to obtain the private cryptographic key and gain access to sensitive information. The application is also reported prone to an SQL injection vulnerability that may allow an attacker to gain administrative level access to the underlying database.

The issues exist due to improper implementation of the RSA cryptosystem by SpiderSales and failure to sanitize user-supplied input via the 'userId' URI parameter employed by various scripts.

SpiderSales version 2.0 is assumed to be vulnerable to these issues; however, other versions could be affected as well.

http://www.example.com/Carts/Computers/viewCart.asp?userID=2893225125722634';exec%20master..xp_cmdshell%20'dir%20c:%20>%20c:inetpubwwwrootdirc.txt'--&viewID=48
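
For defenders reviewing web server logs for requests of the kind shown above, the following is an added example (not part of the original advisory or of SpiderSales). It scans constructed IIS-style log lines and flags `userID` values that are not plain decimal numbers or that carry SQL metacharacters. The log field layout, the assumption that legitimate IDs are all digits, and the function names are assumptions made for illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample log lines (not real traffic). Assumed field order:
# date time method uri-stem uri-query status
SAMPLE_LOG = """\
2004-03-03 10:00:01 GET /Carts/Computers/viewCart.asp userID=2893225125722634&viewID=48 200
2004-03-03 10:00:07 GET /Carts/Computers/viewCart.asp userID=2893225125722634';exec%20master..xp_cmdshell%20'dir'--&viewID=48 500
2004-03-03 10:00:09 GET /Carts/Computers/viewCart.asp USERID=17%27&viewID=48 200
2004-03-03 10:00:12 GET /Carts/Computers/default.asp - 200
"""

# Tokens that have no place in a numeric identifier: quote, statement
# separator, SQL comments, EXEC, and extended stored procedure names.
SUSPICIOUS = re.compile(r"'|;|--|/\*|\bexec\b|\bxp_\w+", re.IGNORECASE)


def user_id_values(query):
    """Yield URL-decoded values of the userID parameter (name is case-insensitive)."""
    for pair in query.split("&"):          # split on '&' only; ';' may be payload
        name, _, value = pair.partition("=")
        if unquote_plus(name).lower() == "userid":
            yield unquote_plus(value)


def scan(log_text):
    """Return (line_number, decoded_value, reasons) for each suspicious userID."""
    findings = []
    for number, line in enumerate(log_text.splitlines(), 1):
        fields = line.split()
        if len(fields) < 6 or fields[0].startswith("#"):
            continue                        # skip short lines and W3C header lines
        for value in user_id_values(fields[4]):
            reasons = []
            if not re.fullmatch(r"[0-9]+", value):   # assumption: IDs are digits only
                reasons.append("non-numeric")
            reasons += sorted({m.group(0).lower() for m in SUSPICIOUS.finditer(value)})
            if reasons:
                findings.append((number, value, reasons))
    return findings


if __name__ == "__main__":
    for number, value, reasons in scan(SAMPLE_LOG):
        print(f"line {number}: userID={value!r} flagged: {', '.join(reasons)}")
```

The same digits-only check, applied server-side before the value reaches the query, together with parameterized queries, addresses the missing input sanitization the advisory describes.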
|References

Source: XF
Name: spidersales-userid-sql-injection(15371)
Link: http://xforce.iss.net/xforce/xfdb/15371
Source: BID
Name: 9799
Link: http://www.securityfocus.com/bid/9799
Source: www.s-quadra.com
Link: http://www.s-quadra.com/advisories/Adv-20040303.txt
Source: BUGTRAQ
Name: 20040303 SpiderSales shopping cart software multiple security vulnerabilities
Link: http://marc.theaimsgroup.com/?l=bugtraq&m=107833097705486&w=2
