Lucene search
PHPMyCart (shop.php cat) Remote SQL Injection Vulnerability
PHPMyCart Remote SQL Injection Vulnerability. Not verified category ID variable leads to SQL injection. Allows attacker to access sensitive database information through SQL queries without triggering errors
Show more
===========================================================
PHPMyCart (shop.php cat) Remote SQL Injection Vulnerability
===========================================================
######################
#
#PHPMyCart Injection Vulnerability
#
######################
#
#Bug by: h0yt3r
#
##
###
##
#
#Script suffers from a not correctly verified category id variable which is used in SQL Querys.
#An Attacker can easily get sensitive information from the database by
#injecting unexpected SQL Querys.
#
#We dont get any SQL Errors when the Injection Query appear to be false.
#However we have to look for content changing when we inject.
#Look at AND 1=1/AND 1=0
#All rows are echoed on the left side.
#
#SQL Injection:
#http://[target]/[path]/shop.php?cat=[SQL]
#
#PoC:
#shop.php?cat=2%20and%201=0%20union%20select%201,concat(name,0x3a,login,0x3a,@@VERSION,0x3a,user(),0x3a,database())%20from%20user
#
#######################
# 0day.today [2018-01-10] #Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contactย us for a demo andย discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo14 Jun 2008 00:00Current
7.1High risk
Vulners AI Score7.1