Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: e-commerce, shopping carts :: b06-4304.htm

CubeCart <= 3.0.11 SQL injection & cross site scripting



CubeCart <= 3.0.11 SQL injection & cross site scripting
CubeCart <= 3.0.11 SQL injection & cross site scripting



--------------------------------------------------------------------------------=0D
CubeCart <= 3.0.11 SQL injection & cross site scripting=0D
software:=0D
site: http://www.cubecart.com/site/home/=0D 
description: "CubeCart is an eCommerce script written with PHP & MySQL. With=0D
CubeCart you can setup a powerful online store as long as you have hosting=0D
supporting PHP and one MySQL database."=0D
--------------------------------------------------------------------------------=0D
=0D
i) sql injection:=0D
poc exploit and explaination here:=0D
http://retrogod.altervista.org/cubecart_3011_sql_mqg_bypass.html=0D 
and here:=0D
http://retrogod.altervista.org/cubecart_3011_sql.html=0D 
the issue could affect other payment modules in modules/gateway/ folder=0D
=0D
ii) multiple xss:=0D
=0D
=0D">http://[target]/[path_to_cubecart]/admin/filemanager/preview.php?file=">=0D 
=0D">http://[target]/[path_to_cubecart]/admin/filemanager/preview.php?file=1&x=">=0D 
=0D">http://[target]/[path_to_cubecart]/admin/filemanager/preview.php?file=1&y=">=0D 
=0D">http://[target]/[path_to_cubecart]/admin/login.php?email=">=0D 
=0D
--------------------------------------------------------------------------------=0D
rgod                                                           17/08/20067.15.36=0D
=0D
site: http://retrogod.altervista.org=0D 
mail: rgod at autistici.org=0D
original advisory: http://retrogod.altervista.org/cubecart_3011_adv.html=0D 
--------------------------------------------------------------------------------=0D


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH