ZH2004-07SA (security advisory): Multiple Sql injection vulnerabilities in Online Store Kit 3.0 Products (Lite - Standard and Pro)

[ZetaLabs <zetalabs () zone-h org>]

ZH2004-07SA (security advisory): Multiple Sql injection vulnerabilities in Online Store Kit 3.0 Products (Lite - 
Standard and Pro)

Published: 17 february 2004

Released: 17 february 2004

Name: Online Store Kit Products (Lite - Standard - Pro)

Affected Systems: 3.0

Issue: Sql Injection Vulnerability

Author: G00db0y from Zone-h Security Labs - zetalabs () zone-h org - g00db0y () zone-h org

Vendor: http://www.ecommerce.com




Description

***********

Zone-h Security Team has discovered multiple flaws in Online Store Kit 3.0 Products (Lite - Standard - Pro). There are 
multiple vulnerabilities in the current version of Online Store Kit Lite that allows an attacker to disclose sensitive 
information that could be used to gain unauthorized access.
Online Store Kit 3.0 Lite:"That pretty much says it all when it comes to the Online Store Kit 3.0 Lite. To sum it up, 
this package includes all of the features that are essential for a usable shopping cart with uninterrupted functioning. 
If your e-commerce needs don't go far, but the products/services you offer have the demand, this package is for you. 
Please, note, that all the packages include core features and have room for additional features. The core features are 
included in every package, and provide a solid base for building a successful e-store. The functionality and the 
quantity of additional features depend on the package you choose."
Online Store Kit 3.0 Standard: "Going with the standard is always a good thing; especially when it comes to making a 
profit. When your store goes online, you should attract visitors not only with the assortment of the products and 
services you offer, but also with a dynamic and friendly sales atmosphere. If organized with Online Store Kit 3.0 
Standard, your e-store will include all the basic features plus advanced functionality, enabling a powerful and 
profit-generating virtual shop."
Online Store Kit 3.0 Pro: "Intense research, development and testing has brought us to what we call the Online Store 
Kit 3.0 Pro. The features which enable a comprehensive procedure for purchasing, taxation calculation, shipping and 
handling, and payment methods are the hallmarks of this professional package. Please, note, that all the packages 
include core features and additional ones."






Details

******* 


The problems exist due to insufficient sanitization of user-supplied data. A remote attacker may exploit these issues 
to influence SQL query logic to disclose sensitive information that could be used to gain unauthorized access.

For example try this:

http://address/directory/shop.php?cat=[query]
http://address/directory/more.php?id=[query]
http://address/directory/lite/shop_by_brand.php?cat_manufacturer=[query]
http://address/directory/listing.php?id=[query]




Solution:

*********

The vendor has been contacted and a patch was not yet produced.



G00db0y from Zone-h Security Labs - zetalabs () zone-h org - g00db0y () zone-h org



http://www.zone-h.org/en/advisories/read/id=3972/