header-logo
Suggest Exploit
vendor:
PHPCart
by:
SecurityFocus
7.5
CVSS
HIGH
Input Validation
20
CWE
Product Name: PHPCart
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2005

PHPCart Remote Input Validation Vulnerability

PHPCart is prone to a remote input validation vulnerability. The issue exists because the software fails to sufficiently sanitize URI parameter data that is employed when computing product charges. A remote attacker may exploit this issue to manipulate invoice and payment charges for a specific PHPCart order.

Mitigation:

Input validation should be performed to ensure that untrusted data is not used to compute product charges.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/13406/info

PHPCart is prone to a remote input validation vulnerability. The issue exists because the software fails to sufficiently sanitize URI parameter data that is employed when computing product charges.

A remote attacker may exploit this issue to manipulate invoice and payment charges for a specific PHPCart order. 

http://www.example.com/phpcart.php?action=add&id=1002&descr=Mobile%20Phone&price=0&postage=&quantity=100

Navigation

Suggest Exploit

Services By CQR