| VID |
21276 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The PHPCatalog has a SQL Injection vulnerability using index.php script.
PHPCatalog is software used to develop and run e-commerce catalogs for many operating systems. PHPCatalog version 2.6.7 and earlier are vulnerable to a SQL injection attack. This SQL injection vulnerability arises due to handling insufficiently user-supplied input passed to the "index.php" script. The script in question is used to verify account details during the new user registration process and has the filename "index.php". By sending the "id" variable containing SQL queries to the "index.php" script, a remote attacker can manipulate the underlying database. As a result of this an attacker could manipulate the SQL query the script performs and potentially extract information such as password hashes from the database or, possibly, gain access on the underlying host (through, for example, stored procedures or vulnerabilities in the database server).
* References:
http://secunia.com/advisories/10516/
http://www.securitytracker.com/alerts/2003/Dec/1008573.html
* Platforms Affected:
Siliconsys.com PHPCatalog 2.6.7 and earlier
Microsoft Windows Any version
Unix Any version
Linux Any version |
| Recommendation |
Upgrade to the latest version of PHPCatalog (2.6.10 or later), available from the Siliconsys.com Web site at http://sourceforge.net/projects/phpcatalog/ |
| Related URL |
(CVE) |
| Related URL |
9318 (SecurityFocus) |
| Related URL |
14116 (ISS) |
|
