OpenCart 1.3.2 SQL Injection Vulnerability
Posted on 07 March 2010
========================================== OpenCart 1.3.2 SQL Injection Vulnerability ========================================== ##########################[Andr?s G?mez]########################## # Exploit Title : OpenCart 1.3.2 SQL Injection # Date : 07/03/2010 # Author : Andr?s G?mez # Software Link : http://www.coompras.com/opencart/opencart.htm # Contact : gomezandres[4t]adinet[dot]com.uy<http://com.uy> # Dork : No DoRk ######################################################################## # An attacker may execute arbitrary SQL statements on the vulnerable system. # This may compromise the integrity of your database and/or expose sensitive information. ######################################################################## # Example 1: index.php?route=product%2Fspecial&path=20&page=' # Example 2: index.php?route=product%2Fspecial&path=20&page=' # Example 3: index.php?route=product%2Fcategory&path=20&page=andres'" ######################################################################## # Malicious users may inject SQL code into a vulnerable # application to fool a user in order to gather data from them. An attacker can # take admin user and login in your panel. ######################################################################## # Solution: # You have to put this regular expresion in the first two lines of your index.php # $_GET = preg_replace("|([^ws'])|i",'',$_GET); # $_POST = preg_replace("|([^ws'])|i",'',$_POST); ######################################################################## # ~ - [ [ : Inj3ct0r : ] ]
