VP-ASP :: Shopping Cart Software

Shopping Cart Software Solutions for anywhere in the World

US/Canada(Toll Free): +1 888 587 2278
Europe/UK: +44 (020) 7193 9408
Australia/New Zealand: +61 3 9016 4497

VP-ASP Shopping Cart Customer Forum

Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 VPCart Forum
 Credit card fraud and hackers
 update Exploit from Team P350
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

p350
Starting Member

1 Posts

Posted - December 29 2003 :  03:14:52  Show Profile  Reply with Quote
dear all
that have an e commerce site,
we, as known as team p350, or 1ndonesian Security Team,
had updated the expolit against vpasp sql database,
and until right now, we still can get into database
and download all the database in vpasp,

I have done what I had supposed to do,
I'm contacting the vendor, and told that a bug in the software,
So I thinks it's just a warning from our team,
that if you update your security, we update our exploit to,

hope you understand, and good luck to oatching all of your server

Edited by - p350 on December 29 2003 03:17:18

support
Administrator

4266 Posts

Posted - December 29 2003 :  03:50:10  Show Profile  Visit support's Homepage  Reply with Quote
I have not yet decided whether you are trying to help or trying to hack.

We have not heard anything from you in many weeks and we take security seriously.

If you know of a security issue, we definitely want to know about it.

Howard Kadetz
VP-ASP

Go to Top of Page

siraj
VP-ASP New User

USA
194 Posts

Posted - December 29 2003 :  23:26:43  Show Profile  Visit siraj's Homepage  Reply with Quote
Only thing this team pointed out in their site was:
usiing the shopdbtest.asp files to know about dblocation and dbname and direct download. You can check out this team site at
http://drponidi.5u.com/advisory.htm
SIRAJ

Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000