Title: Ecommerce Corporation Online Store Kit More.PHP Multiple Vulnerabilities
Severity: MODERATE
Description:
Online Store Kit is a web based shopping cart application written in PHP.
Multiple vulnerabilities have been identified in the software due to improper sanitization of user-supplied input. The following specific issues have been reported:
A vulnerability in Online Store Kit could make it possible for a remote user to launch SQL injection attacks. It has been reported that the issue exists due to insufficient sanitizing of the 'id' URI parameter of 'more.php' script. It is possible for a remote user to inject arbitrary SQL queries into the database used by Online Store Kit. This could permit remote attackers to pass malicious input to database queries, resulting in modification of query logic or other attacks.
Successful exploitation could result in compromise of the Online Store Kit, disclosure or modification of data or may permit an attacker to exploit vulnerabilities in the underlying database implementation.
The 'id' parameter of 'more.php' script has been reported to be prone to a cross-site scripting vulnerability as well. An attacker may exploit this vulnerability by creating a specially crafted URL that includes malicious HTML code as a value for the affected parameter. The malicious script code may be rendered in a user's browser upon visiting the link. This attack would occur in the security context of the affected site. Exploitation could allow for theft of cookie-based authentication credentials. Other attacks are also possible.
Online Store Kit version 3.0 has been reported to be prone to these issues.
Affected Products:
- Ecommerce Corporation Online Store Kit 3.0.0 Lite
- Ecommerce Corporation Online Store Kit 3.0.0 Pro
- Ecommerce Corporation Online Store Kit 3.0.0 Standard
References:
- Ecommerce Corporation: Online Store Kit Product Page
- SystemSecure.org: Online Store Kit v3.0 Advisory