| VID |
21960 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The osCommerce is vulnerable to an SQL injection vulnerability via the 'shopping_cart.php' script. osCommerce is an online shop e-commerce solution under on going development by the open source community. osCommerce versions prior to 2.2 ms2 060817 are vulnerable to an SQL injection vulnerability, caused by improper filtering of user-supplied input passed to the 'id' array parameters of the 'shopping_cart.php' script. If the 'magic_quotes_gpc' option is disabled, this vulnerability could permit a remote attacker to pass malicious input to database queries, potentially resulting in data exposure, modification of the query logic, or even data modification or attacks against the database itself.
* References:
http://forums.oscommerce.com/index.php?showtopic=223556&pid=918371
http://www.gulftech.org/?node=research&article_id=00110-08172006
http://securitytracker.com/id?1016719
* Platforms Affected:
osCommerce versions prior to 2.2 ms2 060817
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of osCommerce (2.2 Milestone 2 Update 060817 or later), available from the osCommerce Web site at http://www.oscommerce.com |
| Related URL |
CVE-2006-4297 (CVE) |
| Related URL |
19644 (SecurityFocus) |
| Related URL |
28434 (ISS) |
|
