Test ID: | 1.3.6.1.4.1.25623.1.0.800820 |
Category: | Web application abuses |
Title: | Zen Cart <= 1.3.8a Multiple Vulnerabilities |
Summary: | Zen Cart is prone to multiple vulnerabilities. |
Description: | Summary: Zen Cart is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2009-2254: admin/sqlpatch.php does not sanitise the query string passed in the 'query_string' parameter of an 'execute' action; requesting the script with a PATH_INFO of password_forgotten.php defeats the admin login check, so the query runs unauthenticated. - CVE-2009-2255: access to admin/record_company.php is not restricted when the script is requested with a PATH_INFO of password_forgotten.php; the 'record_company_image' parameter can then be used to upload a file, which is afterwards fetched by a direct request to its path under images/. Vulnerability Impact: Successful exploitation lets a remote attacker execute SQL commands, or execute arbitrary code by uploading a .php file, and so compromise the application or exploit latent vulnerabilities in the underlying database. Affected Software/OS: Zen Cart version 1.3.8a and prior. Solution: Apply the security patch from the references. CVSS Score: 7.5 CVSS Vector (v2): AV:N/AC:L/Au:N/C:P/I:P/A:P |
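Both issues share one indicator that a defender can hunt for without touching the application: an admin script requested with the extra path component /password_forgotten.php, followed (for CVE-2009-2255) by a direct request for a .php file under images/. The detector below is an added example written for this page, not Greenbone's own test logic; the access log lines are constructed, the field names and rule labels are my own, and the admin directory is assumed to be the default admin/ (Zen Cart installs are often renamed, which is why the path-info rule matches any directory).

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed sample lines in Apache combined format (not captured traffic):
# an attack sequence from 203.0.113.5 and benign traffic from 198.51.100.7.
SAMPLE_LOG = """\
203.0.113.5 - - [21/Jun/2009:10:00:01 +0000] "GET /admin/sqlpatch.php/password_forgotten.php?action=execute&query_string=SELECT%201 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [21/Jun/2009:10:00:02 +0000] "POST /admin/record_company.php/password_forgotten.php?action=insert HTTP/1.1" 200 100 "-" "Mozilla/5.0"
203.0.113.5 - - [21/Jun/2009:10:00:03 +0000] "GET /images/cmd.php HTTP/1.1" 200 33 "-" "Mozilla/5.0"
198.51.100.7 - - [21/Jun/2009:10:01:00 +0000] "GET /admin/password_forgotten.php HTTP/1.1" 200 3000 "-" "Mozilla/5.0"
198.51.100.7 - - [21/Jun/2009:10:01:05 +0000] "GET /index.php?main_page=index HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
"""

# Apache combined log: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)(?: HTTP/[\d.]+)?" (?P<status>\d{3})'
)

# "<script>.php/password_forgotten.php": a PHP script requested with the
# PATH_INFO that the advisory says defeats the admin login check.
PATH_INFO_RE = re.compile(r'/(?P<script>[^/]+\.php)/password_forgotten\.php$', re.IGNORECASE)

# Scripts the advisory names, mapped to their CVE. Any other script hit
# through the same PATH_INFO trick is still flagged, with a generic label.
NAMED_SCRIPTS = {"sqlpatch.php": "CVE-2009-2254", "record_company.php": "CVE-2009-2255"}

# Direct request for PHP under images/: the follow-up to a CVE-2009-2255 upload.
IMAGES_PHP_RE = re.compile(r'/images/[^?]*\.php$', re.IGNORECASE)


def classify_request(target):
    """Return a finding dict for one request target, or None if it looks benign."""
    parts = urlsplit(target)
    path = unquote(parts.path)          # decode %xx so encoded slashes/dots are seen
    query = parse_qs(parts.query)
    m = PATH_INFO_RE.search(path)
    if m:
        script = m.group("script").lower()
        rule = NAMED_SCRIPTS.get(script, "admin-path-info-bypass")
        finding = {"rule": rule, "script": script, "path": path}
        if rule == "CVE-2009-2254" and "query_string" in query:
            finding["sql"] = query["query_string"][0]   # the injected SQL, for triage
        return finding
    if IMAGES_PHP_RE.search(path):
        return {"rule": "php-in-images", "script": None, "path": path}
    return None


def scan_log(text):
    """Parse access-log text and return findings in log order."""
    findings = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        f = classify_request(m.group("target"))
        if f:
            f.update(ip=m.group("ip"), ts=m.group("ts"),
                     method=m.group("method"), status=int(m.group("status")))
            findings.append(f)
    return findings


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} {f['rule']:24} {f['method']} {f['path']}")
```

The legitimate /admin/password_forgotten.php request is not flagged: the rule requires password_forgotten.php to appear as PATH_INFO after another .php script, which is the shape of the bypass and not of normal use. A 200 on the images/ hit after a record_company.php request is the strongest signal that an upload succeeded and should be triaged first.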
Cross-References: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-2254 - BugTraq ID: 35468, http://www.securityfocus.com/bid/35468 - http://www.exploit-db.com/exploits/9005 - http://www.osvdb.org/55343 - http://secunia.com/advisories/35550 - XForce ISS Database: zencart-sqlpatch-sql-injection(51317), https://exchange.xforce.ibmcloud.com/vulnerabilities/51317 Common Vulnerability Exposure (CVE) ID: CVE-2009-2255 - BugTraq ID: 35467, http://www.securityfocus.com/bid/35467 - http://www.exploit-db.com/exploits/9004 - http://www.osvdb.org/55344 - XForce ISS Database: zencart-recordcompany-code-execution(51316), https://exchange.xforce.ibmcloud.com/vulnerabilities/51316 |
Copyright | Copyright (C) 2009 Greenbone Networks GmbH |
This is only one of 146377 vulnerability tests in our test suite. Find out more about how to run a complete security audit. To run a free test of this vulnerability against your system, register now. |