• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Cosmoshop Multiple SQL Injection Vulnerabilities

Cosmoshop is prone to multiple SQL injection vulnerabilities. These issues are due to a lack of properly sanitized input to several CGI scipts.

An attacker may compromise this application by using SQL injection techniques to bypass the admin login process. Successful exploitation results in gaining full administrative access within the context of the affected application.