CubeCart includes/content/viewProd.inc.php productId Parameter SQL Injection

high Nessus Plugin ID 42878

Synopsis

A PHP application hosted on the remote web server has a SQL injection vulnerability.

Description

The version of CubeCart running on the remote host has a SQL injection vulnerability. Input to the 'productId' parameter is not properly sanitized in 'includes/content/viewProd.inc.php' before it is used in database queries.

Regardless of PHP's 'magic_quotes_gpc' setting, a remote attacker could exploit this to execute arbitrary queries, which could, in turn, be used to take control of the database or mount further attacks.

Solution

Upgrade to CubeCart 4.3.7 or apply the vendor's patch.

See Also

http://www.nessus.org/u?5ee93303

Plugin Details

Severity: High

ID: 42878

File Name: cubecart_productid_sqli.nasl

Version: 1.15

Type: remote

Family: CGI abuses

Published: 11/24/2009

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:cubecart:cubecart

Required KB Items: www/cubecart

Excluded KB Items: Settings/disable_cgi_scanning

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/18/2009

Vulnerability Publication Date: 11/18/2009

Reference Information

CVE: CVE-2009-4060

BID: 37065

CWE: 89

SECUNIA: 37402