| VID |
21627 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The ProductCart software is vulnerable to multiple input validation vulnerabilities (1). ProductCart is an e-commerce shopping cart application written in ASP for Microsoft Windows. ProductCart versions 1.0 through 2.0 are affected by multiple input validation vulnerabilities, which remote attackers can exploit to conduct information disclosure, cross-site scripting and SQL injection attacks.
1) An information disclosure vulnerability in ProductCart 1.0 through 2.0 allows a remote attacker to obtain sensitive information, such as the administrator's password and customer records, by sending an HTTP request directly for the EIPC.mdb Access database file, which is stored under the web root with insecure permissions and is therefore served to anyone who requests it.
2) Multiple SQL injection vulnerabilities in ProductCart 1.5 through 2.0 allow a remote attacker to gain access to the admin control panel via the idadmin parameter to login.asp, or to gain other privileges via the Email parameter to Custva.asp, because these parameters are not validated before being used in SQL statements.
3) A cross-site scripting (XSS) vulnerability in msg.asp in ProductCart versions 1.5 and earlier allows a remote attacker to inject arbitrary web script via the message parameter; the script executes in the browser of a user who follows a crafted link.
* References:
http://www.earlyimpact.com/productcart/support/security-alert-070403.asp
http://www.earlyimpact.com/productcart/support/security-alert-070603.asp
http://bosen.net/releases/?id=40
http://www.securiteam.com/windowsntfocus/5DP0420AKG.html
http://archives.neohapsis.com/archives/bugtraq/2003-07/0030.html
http://archives.neohapsis.com/archives/bugtraq/2003-07/0064.html
http://archives.neohapsis.com/archives/bugtraq/2003-07/0113.html
* Platforms Affected: EarlyImpact ProductCart versions 1.0 through 2.0, on any version of Microsoft Windows |
| Recommendation |
Upgrade to a fixed version of ProductCart, available from the EarlyImpact Web site at http://www.earlyimpact.com/index.asp, and apply the fixes described in the EarlyImpact security alerts referenced above. Note that version 2.0 is itself listed as affected, so verify that the installed build includes those fixes rather than relying on the version number alone. Regardless of version, confirm that EIPC.mdb (and any other .mdb file) cannot be retrieved over HTTP, either by moving the database outside the web root or by configuring IIS to deny requests for .mdb files. |
| Related URL |
CVE-2003-0522,CVE-2003-0523 (CVE) |
| Related URL |
8103,8105,8108,8112 (SecurityFocus) |
| Related URL |
12515,12517,12524 (ISS) |
|
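The three issues described in this entry can be verified over HTTP without exploiting them. The following Python script is an added example, not code from ProductCart, EarlyImpact or the scanner that produced this entry. It checks whether EIPC.mdb is served (by looking for the Access/Jet file signature rather than trusting a 200 status), whether a lone quote in the idadmin parameter of login.asp produces a database error, and whether the message parameter of msg.asp is reflected unencoded. The URL paths (/productcart/database/EIPC.mdb, /productcart/pcadmin/login.asp, /productcart/pc/msg.asp), the form field names, the probe strings and the canned responses are assumptions constructed for the example; the probes are generic detection markers, not payloads from the advisories, and the script should only be pointed at hosts you are authorised to test.

```python
"""Detection checks for the ProductCart issues in this entry (added example).

Assumptions (not from the advisories): the URL paths below, the form field
names, the probe strings and the canned responses used for offline runs.
"""
import re
import urllib.error
import urllib.request
from typing import Callable, Dict, Optional, Tuple
from urllib.parse import urlencode

Response = Tuple[int, bytes]                                  # (HTTP status, body)
Fetch = Callable[[str, Optional[Dict[str, str]]], Response]  # (url, POST fields or None)

# A Microsoft Access (Jet) database file carries this signature at byte offset 4.
JET_SIGNATURE = b"Standard Jet DB"

# Error text classic ASP emits when a quote breaks a dynamically built SQL statement.
JET_ERROR_RE = re.compile(
    rb"ODBC Microsoft Access Driver|Microsoft JET Database Engine|"
    rb"Syntax error in string in query expression",
    re.IGNORECASE,
)

# Constructed probes: harmless markers, not payloads from the advisories.
XSS_PROBE = "<pcxss7331>"   # reflected with '<' intact => script injection possible
SQL_PROBE = "x'"            # a single quote is enough to break a quoted SQL literal

# Assumed default deployment paths; adjust to the target's layout.
DB_PATH = "/productcart/database/EIPC.mdb"
ADMIN_LOGIN = "/productcart/pcadmin/login.asp"
MSG_PAGE = "/productcart/pc/msg.asp"


def is_access_database(body: bytes) -> bool:
    """True if the body is an Access/Jet .mdb file rather than a custom error page."""
    return body[4:4 + len(JET_SIGNATURE)] == JET_SIGNATURE


def sql_error_in(body: bytes) -> bool:
    """True if the response contains an ODBC/Jet error caused by the probe."""
    return JET_ERROR_RE.search(body) is not None


def xss_reflected(body: bytes, probe: str = XSS_PROBE) -> bool:
    """True if the probe came back unencoded ('<' not turned into '&lt;')."""
    return probe.encode() in body


def check_host(base: str, fetch: Fetch) -> Dict[str, bool]:
    """Run all three checks against base (e.g. 'http://shop.example') using fetch."""
    status, body = fetch(base + DB_PATH, None)
    db_exposed = status == 200 and is_access_database(body)

    _, body = fetch(base + ADMIN_LOGIN, {"idadmin": SQL_PROBE, "pass": "x"})
    sqli = sql_error_in(body)

    _, body = fetch(base + MSG_PAGE + "?" + urlencode({"message": XSS_PROBE}), None)
    xss = xss_reflected(body)
    return {
        "EIPC.mdb readable": db_exposed,
        "login.asp idadmin SQL error": sqli,
        "msg.asp message reflected": xss,
    }


def http_fetch(url: str, params: Optional[Dict[str, str]] = None, timeout: int = 10) -> Response:
    """Live fetcher: POST when form fields are given, otherwise GET. Authorised targets only."""
    data = urlencode(params).encode() if params else None
    req = urllib.request.Request(url, data=data)
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.getcode(), resp.read()
    except urllib.error.HTTPError as err:          # 4xx/5xx bodies still matter (error pages)
        return err.code, err.read()


# Constructed responses standing in for a vulnerable host, so the checks run offline.
_VULN_MDB = b"\x00\x01\x00\x00Standard Jet DB\x00" + b"\x00" * 64
_VULN_LOGIN = (b"Microsoft OLE DB Provider for ODBC Drivers error '80040e14'<br>"
               b"[Microsoft][ODBC Microsoft Access Driver] Syntax error in string in query expression.")
_VULN_MSG = b"<html><body>" + XSS_PROBE.encode() + b"</body></html>"


def vulnerable_fetch(url: str, params: Optional[Dict[str, str]] = None) -> Response:
    """Canned responses of a host showing all three issues (constructed)."""
    if url.endswith("EIPC.mdb"):
        return 200, _VULN_MDB
    if "login.asp" in url:
        return 500, _VULN_LOGIN
    if "msg.asp" in url:
        return 200, _VULN_MSG
    return 404, b"Not Found"


def patched_fetch(url: str, params: Optional[Dict[str, str]] = None) -> Response:
    """Canned responses of a host that hides the database, rejects the quote and encodes output."""
    if url.endswith("EIPC.mdb"):
        return 404, b"<html>Not Found</html>"
    if "login.asp" in url:
        return 200, b"<html>Invalid login</html>"
    if "msg.asp" in url:
        return 200, b"<html><body>&lt;pcxss7331&gt;</body></html>"
    return 404, b"Not Found"


if __name__ == "__main__":
    for name, fetch in (("vulnerable", vulnerable_fetch), ("patched", patched_fetch)):
        print(name, check_host("http://shop.example", fetch))
```

`check_host` takes any fetch callable, so the same logic runs offline against the constructed `vulnerable_fetch` and `patched_fetch` responses or live through `http_fetch`. The signature check on the .mdb response matters in practice: IIS installations frequently answer missing or blocked files with a custom page and a 200 status, which would otherwise be reported as an exposed database.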