BugTraq
Back to list
|
Post reply
ZH2003-3SA (security advisory): Storefront sql injection: users info disclosure
Jul 12 2003 01:56PM
G00db0y (G00db0y zone-h org)
ZH2003-3SA (security advisory): Storefront sql injection: users info
disclosure
Published: 12/07/2003
Released: 12/07/2003
Name: Storefront sql injection: users info disclosure
Affected Systems: StoreFront 6.0 (and older versions?)
Issue: Remote attackers can obtain users info
Author: G00db0y (at) zone-h (dot) org [email concealed]
Description
***********
Zone-h Security Team has discovered a serious security flaw in StoreFront
6.0
(and older versions?). "Storefront offers merchants and developers a
feature
rich, fully customizable e-commerce solution at a fraction of the cost to
deploy
and maintain."
Details
*******
Storefront is an ASP shopping cart / storefront system that covers all
the
needs for ecommerce web sites.
It's possible to retrieve sensible users information. There is a sql
injection vulnerability in /login.asp of StoreFront system. It's possible
to login with this email id and password:
' or 'a'='a
to have then access to the first user in database structure. If an
attacker
knew any email address of a registered user, it'll be possible for him to
retrieve
the registered uses's information from this login page.
Example:
Email of registered user: example (at) example (dot) com [email concealed]
Email id (user in the login.asp): example (at) example (dot) com [email concealed]
Password: ' or 'a'='a
Solution:
*********
The vendor has been contacted and a patch is not yet produced
Suggestions:
************
Nothing
G00db0y - www.zone-h.org admin
Original advisory here: http://www.zone-h.org/en/advisories/read/id=2684/
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
ZH2003-3SA (security advisory): Storefront sql injection: users info
disclosure
Published: 12/07/2003
Released: 12/07/2003
Name: Storefront sql injection: users info disclosure
Affected Systems: StoreFront 6.0 (and older versions?)
Issue: Remote attackers can obtain users info
Author: G00db0y (at) zone-h (dot) org [email concealed]
Description
***********
Zone-h Security Team has discovered a serious security flaw in StoreFront
6.0
(and older versions?). "Storefront offers merchants and developers a
feature
rich, fully customizable e-commerce solution at a fraction of the cost to
deploy
and maintain."
Details
*******
Storefront is an ASP shopping cart / storefront system that covers all
the
needs for ecommerce web sites.
It's possible to retrieve sensible users information. There is a sql
injection vulnerability in /login.asp of StoreFront system. It's possible
to login with this email id and password:
' or 'a'='a
to have then access to the first user in database structure. If an
attacker
knew any email address of a registered user, it'll be possible for him to
retrieve
the registered uses's information from this login page.
Example:
Email of registered user: example (at) example (dot) com [email concealed]
Email id (user in the login.asp): example (at) example (dot) com [email concealed]
Password: ' or 'a'='a
Solution:
*********
The vendor has been contacted and a patch is not yet produced
Suggestions:
************
Nothing
G00db0y - www.zone-h.org admin
Original advisory here: http://www.zone-h.org/en/advisories/read/id=2684/
[ reply ]