PlexCart X3 SQL Injection Vulnerability
###############################################
Vuln. discovered by : r0t
Date: 19 april 2006
vendorlink:www.plexum.com/ecommerce/shopping_cart/
affected versions:X3 and previous
orginal advisory:
http://pridels.blogspot.com/2006/04/plexcart-x3-sql-inj.html
###############################################
Vuln. Description:
PlexCart contains a flaw that allows a remote sql injection
attacks.Inputpassed to the "catid" parameter in "
plexcart.pl" isn't properly sanitised before being used in a SQL query. This
can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
example:
/plexcart.pl?section=catalog&page=subcat&where=
catalog&catid=[SQL]
###############################################
Solution:
Edit the source code to ensure that input is properly sanitised.
###############################################
More information @ unsecured-systems.com/forum/