NASLDB: Comersus Cart Multiple Input Validation Vulnerabilities (SQLi, XSS)
General
ID: 14183
Name: Comersus Cart Multiple Input Validation Vulnerabilities (SQLi, XSS)
Summary: Checks for Comersus
Credits: Tenable Network Security, Inc.
Classification
Risk: –
CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Temporal Vector: CVSS2#E:H/RL:U/RC:ND
Port: 80
Family: CGI abuses
Type: Remote
Description
The remote host is running the Comersus Shopping Cart Software.
There is a flaw in this interface that allows an attacker to log in
as any user by using a SQL injection flaw in the code of
comersus_backoffice_login.php.
An attacker may use this flaw to gain unauthorized access on
this host, or to gain the control of the remote database.
In addition to this, the remote version of this software may be
vulnerable to other issues (see BID 10674).
Exploiting
Exploit Available: True
Exploitability Ease: No exploit is required
Sources
CVE: CVE-2004-0681
OSVDB: –
Bugtraq: 10674
scipID: –
Timeline
Vulnerability Disclosure: 2004/07/06
Patch Release: –
Plugin Release: 2004/08/02
Plugin
Version: 1.21
Filename: comersus_sql_injection.nasl
Filesize: 3346 bytes
MD5 Hash: 2b102c4b825595fac19ef7a29d924737
Identification: –
Require Keys: www/ASP
Dependencies: "http_version.nasl"
Copyright: This script is Copyright© 2004-2011 Tenable Network Security, Inc.
- Latest Plugins
- USN-1611-1 : thunderbird vulnerabilities
- USN-1610-1 : linux vulnerability
- USN-1609-1 : linux-ti-omap4 vulnerability
- SuSE 10 Security Update : PostgreSQL
- RHSA-2012-1364: bind97
- RHSA-2012-1363: bind
- RHSA-2012-1362: thunderbird
- RHSA-2012-1361: xulrunner
- Mandriva Linux Security Advisory : graphicsmagick
- FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack