BugTraq
Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP Object injection vulnerability Aug 05 2016 05:33PM
Summer of Pwnage (lists securify nl)
------------------------------------------------------------------------

Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP
Object injection vulnerability
------------------------------------------------------------------------

Yorick Koster, June 2016

------------------------------------------------------------------------

Abstract
------------------------------------------------------------------------

A PHP Object injection vulnerability was found in the Ecwid Ecommerce
Shopping Cart WordPress Plugin, which can be used by an unauthenticated
user to instantiate arbitrary PHP Objects. Using this vulnerability it
is possible to execute arbitrary PHP code.

------------------------------------------------------------------------

OVE ID
------------------------------------------------------------------------

OVE-20160803-0002

------------------------------------------------------------------------

Tested versions
------------------------------------------------------------------------

This issue was successfully tested on the Ecwid Ecommerce Shopping Cart
WordPress Plugin version 4.4/4.4.3.

------------------------------------------------------------------------

Fix
------------------------------------------------------------------------

This issue has been addressed in Ecwid Ecommerce Shopping Cart version
4.4.4.

------------------------------------------------------------------------

Details
------------------------------------------------------------------------

https://sumofpwn.nl/advisory/2016/ecwid_ecommerce_shopping_cart_wordpres
s_plugin_unauthenticated_php_object_injection_vulnerability.html

------------------------------------------------------------------------

Summer of Pwnage (https://sumofpwn.nl) is a Dutch community project. Its
goal is to contribute to the security of popular, widely used OSS
projects in a fun and educational way.

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus