SECUNIA ADVISORY ID: SA28831
VERIFY ADVISORY: http://secunia.com/advisories/28831/
CRITICAL: Moderately critical
IMPACT: Manipulation of data, Exposure of sensitive information
SOFTWARE: Customer Testimonials 3.x (addon for osCommerce) - http://secunia.com/product/17490/
DESCRIPTION: A vulnerability has been discovered in the Customer Testimonials addon for osCommerce, which can be exploited by malicious people to conduct SQL injection attacks.
Input passed to the "testimonial_id" parameter in customer_testimonials.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation allows e.g. retrieving customer e-mail addresses and password hashes. The vulnerability is confirmed in version 3.1. Other versions may also be affected.
SOLUTION: Edit the source code to ensure that input is properly sanitised.
PROVIDED AND/OR DISCOVERED BY: "it's my"
ORIGINAL ADVISORY: http://milw0rm.com/exploits/5075
osCommerce Customer Testimonials Addon SQL InjectionPosted on Thursday, February 07, 2008 @ 12:15:06 CST in Security |
Related
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
