Bugtraq mailing list archives
Dogpatch Software CFWebstore 5.0 shopping cart software multiple security vulnerabilities
From: S-Quadra Security Research <research () s-quadra com>
Date: Fri, 12 Mar 2004 13:45:02 +0300
S-Quadra Advisory #2004-03-12Topic: Dogpatch Software CFWebstore 5.0 shopping cart software multiple security vulnerabilities
Severity: High Vendor URL: http://www.cfwebstore.com Advisory URL: http://www.s-quadra.com/advisories/Adv-20040312.txt Release date: 12 Mar 2004 1. DESCRIPTION"CFWebstore® is a completely integrated shopping cart and ecommerce solution written in Cold Fusion. Customize the templates or utilize the built-in store
settings to create your own custom store. CFWebstore can handle just about anything you want to accomplish in putting your business on the web!" - www.cfwebstore.com site says. Please visit www.cfwebstore.com site for more information about this software. 2. DETAILS -- Vulnerability 1: SQL Injection vulnerabilityAn SQL Injection vulnerability has been found in the index.cfm script. User supplied input parameters named 'category_id', 'product_id' and 'feature_id' is not filtered before being used in a SQL query. Consequently, query modification
using malformed input is possible.Successful exploitation of this vulnerability can enable an attacker to execute
commands in the system (via MS SQL xp_cmdshell function). -- Vulnerability 2: Cross Site Scripting vulnerability in 'index.cfm'By injecting specially crafted javascript code in URL and tricking a user to visit it a remote attacker can steal user session id and gain access to user's personal data.
3. FIX INFORMATIONS-Quadra alerted CFWebstore development team on these issues on 04 Mar 2004.
Dogpatch Software response: "The 5.0.1 version of CFWebstore has been released which addresses all thesecurity issues previously mentioned. We recoded the validation we were using to a more standard method and added additional validations for some areas that had not been mentioned, due to our use of the Fusebox methodology, which allows a
user with knowledge of the application to tap into areas other than through typical URL variables." 4. CREDITS Nick Gudov, chief security researcher at S-Quadra <cipher () s-quadra com> has detected above mentioned vulnerabilities. 5. ABOUT S-Quadra dedicates its substantial knowledge and resources to managing clients' IT security risks. S-Quadra audits and protection for software and networks implement pioneering methods and ground-breaking technologies. S-Quadra Advisory #2004-03-12
Current thread:
- Dogpatch Software CFWebstore 5.0 shopping cart software multiple security vulnerabilities S-Quadra Security Research (Mar 12)