Ecommerce Corporation Online Store Kit Multiple SQL Injection Vulnerabilities
BID:9687
Info
Ecommerce Corporation Online Store Kit Multiple SQL Injection Vulnerabilities
| Bugtraq ID: | 9687 |
| Class: | Input Validation Error |
| CVE: |
CVE-2004-0300 CVE-2001-0148 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 18 2004 12:00AM |
| Updated: | Jul 12 2009 03:06AM |
| Credit: | Disclosure of this issue has been credited to G00db0y. |
| Vulnerable: |
Ecommerce Corporation Online Store Kit 3.0 Standard Ecommerce Corporation Online Store Kit 3.0 Pro Ecommerce Corporation Online Store Kit 3.0 Lite |
| Not Vulnerable: | |
Discussion
Ecommerce Corporation Online Store Kit Multiple SQL Injection Vulnerabilities
It has been reported that Online Store Kit is prone to multiple SQL injection vulnerabilities. These issues arise due to insufficient sanitation of user-supplied input via the URI.
As a result of this a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It has been reported that an attacker may be able to disclose the administrator password hash by exploiting this issue.
It has been reported that Online Store Kit is prone to multiple SQL injection vulnerabilities. These issues arise due to insufficient sanitation of user-supplied input via the URI.
As a result of this a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It has been reported that an attacker may be able to disclose the administrator password hash by exploiting this issue.
Exploit / POC
Ecommerce Corporation Online Store Kit Multiple SQL Injection Vulnerabilities
No exploit is required to leverage this issue. The following proof of concept has been provided:
http://www.example.com/directory/shop.php?cat=[query]
http://www.example.com/directory/lite/shop_by_brand.php?cat_manufacturer=[query]
http://www.example.com/directory/listing.php?id=[query]
No exploit is required to leverage this issue. The following proof of concept has been provided:
http://www.example.com/directory/shop.php?cat=[query]
http://www.example.com/directory/lite/shop_by_brand.php?cat_manufacturer=[query]
http://www.example.com/directory/listing.php?id=[query]
Solution / Fix
Ecommerce Corporation Online Store Kit Multiple SQL Injection Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Ecommerce Corporation Online Store Kit Multiple SQL Injection Vulnerabilities
References:
References:
- Online Store Kit Product Page (Ecommerce Corporation)
- ZH2004-07SA: Multiple Sql injection vulnerabilities in Online Store Kit (ZetaLabs