Full Disclosure: Re: [HTTPCS] FreeWebshop 'Text' Remote SQL Injection Vulnerability

Re: [HTTPCS] FreeWebshop 'Text' Remote SQL Injection Vulnerability

From: Julius Kivimäki <julius.kivimaki () gmail com>
Date: Mon, 17 Sep 2012 16:42:06 +0300

Did you guys seriously just send five different advisories on five
different vulnerable parameters on one vulnerable script?

2012/9/17 HTTPCS <contact () httpcs com>

**
 HTTPCS Advisory : HTTPCS100
Product : FreeWebshop
Version : 2.2.9
Date : 2012-09-17
Criticality level : Highly Critical
Description : A vulnerability has been discovered in FreeWebshop, which
can be exploited by malicious people to conduct SQL injection attacks.
Input passed via the 'Text' parameter to '/index.php?page=cart&action=add'
is not properly sanitised before being used in a SQL query. This can be
exploited to manipulate SQL queries by injecting arbitrary SQL code.
Page : /index.php?page=cart&action=add
Variables :
sub=Bestellen&prodprice=1234.56&numprod=1&prodid=1&Text=[VulnHTTPCS]
Type : SQLI
Method : POST
Solution :
References : https://www.httpcs.com/advisory/httpcs100
Credit : HTTPCS [Web Vulnerability Scanner]
 _______________________________________________

Twitter : http://twitter.com/HTTPCS_
Free web vulnerability scanner HTTPCS : https://www.httpcs.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

[HTTPCS] FreeWebshop 'Text' Remote SQL Injection Vulnerability HTTPCS (Sep 17)
- Re: [HTTPCS] FreeWebshop 'Text' Remote SQL Injection Vulnerability Julius Kivimäki (Sep 17)
  - Re: [HTTPCS] FreeWebshop 'Text' Remote SQL Injection Vulnerability Benji (Sep 17)