OpenCart version 1.3.2 suffers from a remote SQL injection vulnerability.
bf6a6db84d6a93e312dfa8c340f9c457
##########################[Andrés Gómez]##########################
# Exploit Title : OpenCart 1.3.2 SQL Injection
# Date : 07/03/2010
# Author : Andrés Gómez
# Software Link : http://www.coompras.com/opencart/opencart.htm
# Contact : gomezandres[4t]adinet[dot]com.uy<http://com.uy>
# Dork : No DoRk
########################################################################
# An attacker may execute arbitrary SQL statements on the vulnerable system.
# This may compromise the integrity of your database and/or expose sensitive information.
########################################################################
# Example 1: index.php?route=product%2Fspecial&path=20&page='
# Example 2: index.php?route=product%2Fspecial&path=20&page=\'
# Example 3: index.php?route=product%2Fcategory&path=20&page=andres'"
########################################################################
# Malicious users may inject SQL code into a vulnerable
# application to fool a user in order to gather data from them. An attacker can
# take admin user and login in your panel.
########################################################################
# Solution:
# You have to put this regular expresion in the first two lines of your index.php
# $_GET = preg_replace("|([^\w\s\'])|i",'',$_GET);
# $_POST = preg_replace("|([^\w\s\'])|i",'',$_POST);
########################################################################
# Greetz : Mauro Rossi, Raúl Pérez, Willian Mesa, Pablo Solari
# Special Thanks : HYPERNETHOST & Atenea Capacitaciones
##########################[Andrés Gómez]#################################
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed
Comments
No comments yet, be the first!