Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: e-commerce, shopping carts :: b06-5140.htm

Eazy Cart Multiple Security Issues



MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues
MHL-2006-001 Public Advisory: "Eazy Cart" Multiple Security Issues



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

MHL-2006-001 - Public Advisory

+-----------------------------------------------------------+
|            Eazy Cart Multiple Security Issues             |
+-----------------------------------------------------------+


PUBLISHED ON
  October 9th, 2006


PUBLISHED AT
http://www.mayhemiclabs.com/advisories/MHL-2006-01.txt 
http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006001 


PUBLISHED BY
  Mayhemic Labs
http://www.mayhemiclabs.com 

  security AT mayhemiclabs DOT com
  GPG key: 0x56143F84


APPLICATION
  Eazy Cart
http://www.eazycart.com/ 
  "Eazy Cart the easy to install shopping cart system"


AFFECTED VERSIONS
  All Verison


ISSUES
  Eazy Cart is vulnerable to authenication bypassing,
  data injection, and XSS attacks

	1) Authenication bypass
	Eazy Cart does not check login credentials past the
	initial login screen of the administration menu.
	
	Example:
	An attacker can access all administrative functions
	without authentication by going to /admin/home/index.php.
	
	2) Data Injection
	Eazy Cart trusts user entered data implicitly, allowing
	an attacker to adjust prices and other values when
	ordering.
	
	Example: A user can craft a malicious URL to submit
	incorrect data to easycart.php telling it to add items
	to its cart for incorrect prices, including negative
	values.
	
	3) XSS
	Eazy Cart trusts user entered data implicitly, not
	sanatizing it for malicious code.
	
	Example: A user can craft a malicious URL to submit
	incorrect data to easycart.php feeding it malicious
	javascript
	
WORKAROUNDS
	None at this time

SOLUTIONS
	None at this time

REFERENCES
	None
	
TIMELINE
	October 3rd, 2006
		Vendor/Developer Notified
	October 8th, 2006
		Vendor/Developer notification returned.
	October 9th, 2006
		Public Release		

ADDITIONAL CREDIT
  N/A

LICENSE
  Creative Commons Attribution-ShareAlike License
http://creativecommons.org/licenses/by-sa/2.5 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org 

iD8DBQFFKvXhzjnMaVYUP4QRAh6bAKC6C4ZG/KkYsijeVnC2AuiwvG1O1wCeNePN
aVJsxgezSujUz7MNkJQavJ8=Is2h
-----END PGP SIGNATURE-----



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH