vendor site:http://www.sitesoutlet.com/
product:E-commerce Kit 1 PayPal Edition
bug:injection sql
risk:medium


injection sql :
http://site.com/PATH/catalogue.asp?keyword='[sql]
http://site.com/PATH/catalogue.asp?cid='[sql]
http://site.com/PATH//viewDetail.asp?pid='[sql]


laurent gaffié & benjamin mossé
http://s-a-p.ca/
contact: saps.audit@gmail.com