BID:51243

Tienda Virtual 'art_catalogo.php' SQL Injection Vulnerability

Info

Tienda Virtual 'art_catalogo.php' SQL Injection Vulnerability

Bugtraq ID:	51243
Class:	Input Validation Error
CVE:	CVE-2012-5300
Remote:	Yes
Local:	No
Published:	Jan 03 2012 12:00AM
Updated:	Oct 08 2012 06:40PM
Credit:	easy laster
Vulnerable:	MyStore Xpress Tienda Virtual 2.0

Not Vulnerable:

Discussion

Tienda Virtual 'art_catalogo.php' SQL Injection Vulnerability

Tienda Virtual is prone to an SQL-injection vulnerability because the application fails to properly sanitize user-supplied input before using it in an SQL query.

A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database.

Exploit / POC

Tienda Virtual 'art_catalogo.php' SQL Injection Vulnerability

Attackers can use a browser to exploit this issue.

The following example URI is available:

http://www.example.com/[path]/art_catalogo.php?id=1+union+select+1,2,3,4,5,6,7,8,9,10,11--+

Solution / Fix

Tienda Virtual 'art_catalogo.php' SQL Injection Vulnerability

Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

References

Tienda Virtual 'art_catalogo.php' SQL Injection Vulnerability

References:

Tienda Virtual Homepage (MyStore Xpress)