| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 12 Dec 2003 21:48:58 -0000 From: JeiAr <security@...ftech.org> To: bugtraq@...urityfocus.com Subject: osCommerce 2.2-MS1 SQL Injection Vulnerability Vendor : osCommerce URL : http://www.oscommerce.com Version : osCommerce 2.2-MS1 / Older Versions? Risk : SQL Injection Vulnerability Description: osCommerce is an online shop e-commerce solution under on going development by the open source community. Its feature packed out-of-the-box installation allows store owners to setup, run, and maintain their online stores with minimum effort and with absolutely no costs or license fees involved. Problem: osCommerce is vulnerable to SQL Injection vulnerability in the create_account_process.php file. osCommerce 2.2-MS1 is the affected version, and older versions are likely to be affected as well. The attack can be carried out by a malicious user who is registering an account. All one has to do to exploit the vulnerability is save the registration form offline. After doing so an attacker can edit the "country" field to include SQL. Solution: The vendor was not contacted as the problem seems to have been resolved in osCommerce 2.2-MS2 Users are advised upgrade to the current milestone release http://www.oscommerce.com/downloads Credits: Credits go to JeiAr of the GulfTech Security Research Team. http://www.gulftech.org
Powered by blists - more mailing lists