CVE-2004-0300
published 2004-11-23
Priority P3 43 | critical | 10 CVSS 2.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 5.17% (91.4th percentile)
SQL injection vulnerability in Online Store Kit 3.0 allows remote attackers to inject arbitrary SQL and gain unauthorized access via (1) the cat parameter in shop.php, (2) the id parameter in more.php, (3) the cat_manufacturer parameter in shop_by_brand.php, or (4) the id parameter in listing.php.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ecommerce_corporation_online | store_kit | — | — |
| ecommerce_corporation_online | store_kit | — | — |
| ecommerce_corporation_online | store_kit | — | — |
No detection rules found.
Exploit-DB
Apple Mac OSX 10.4.8 (8L2127) - 'crashdump' Local Privilege Escalation
exploitdb·2007-01-29
CVE-2007-0467 Apple Mac OSX 10.4.8 (8L2127) - 'crashdump' Local Privilege Escalation
---
#!/usr/bin/ruby
# Copyright (c) 2007 Kevin Finisterre
# Lance M. Havok
# All pwnage reserved.
#
# 1) Stop crashdump from writing to ~/Library/Logs via chmod 000 ~/Library/Logs/CrashReporter
# 2) Make symlink to /Library/Logs/CrashReporter/knownprog.crash.log
# 3) Create a program with a modified __LINKEDIT segment that influences crashreporter output
#
Exploit-DB
eCommerce Corporation Online Store Kit 3.0 - 'shop.php?cat' SQL Injection
exploitdb·2004-02-18
CVE-2004-0300 eCommerce Corporation Online Store Kit 3.0 - 'shop.php?cat' SQL Injection
---
source: https://www.securityfocus.com/bid/9687/info
It has been reported that Online Store Kit is prone to multiple SQL injection vulnerabilities. These issues arise due to insufficient sanitization of user-supplied input via the URI.
As a result, a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It has been reported that an attacker may be able to disclose the administrator password hash by exploiting this issue.
http://www.example.com/directory/shop.php?cat=[query]
Exploit-DB
eCommerce Corporation Online Store Kit 3.0 - 'shop_by_brand.php?cat_manufacturer' SQL Injection
exploitdb·2004-02-18
CVE-2004-0300 eCommerce Corporation Online Store Kit 3.0 - 'shop_by_brand.php?cat_manufacturer' SQL Injection
---
source: https://www.securityfocus.com/bid/9687/info
It has been reported that Online Store Kit is prone to multiple SQL injection vulnerabilities. These issues arise due to insufficient sanitization of user-supplied input via the URI.
As a result, a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It has been reported that an attacker may be able to disclose the administrator password hash by exploiting this issue.
http://www.example.com/directory/lite/shop_by_brand.php?cat_manufacturer=[query]
Exploit-DB
eCommerce Corporation Online Store Kit 3.0 - 'listing.php?id' SQL Injection
exploitdb·2004-02-18
CVE-2004-0300 eCommerce Corporation Online Store Kit 3.0 - 'listing.php?id' SQL Injection
---
source: https://www.securityfocus.com/bid/9687/info
It has been reported that Online Store Kit is prone to multiple SQL injection vulnerabilities. These issues arise due to insufficient sanitization of user-supplied input via the URI.
As a result, a malicious user may influence database queries in order to view or modify sensitive information, potentially compromising the software or the database. It has been reported that an attacker may be able to disclose the administrator password hash by exploiting this issue.
http://www.example.com/directory/listing.php?id=[query]
Exploit-DB
eCommerce Corporation Online Store Kit 3.0 - 'More.php?id' SQL Injection
exploitdb·2003-02-17
CVE-2004-0300 eCommerce Corporation Online Store Kit 3.0 - 'More.php?id' SQL Injection
---
source: https://www.securityfocus.com/bid/9676/info
Multiple vulnerabilities have been identified in the software due to improper sanitization of user-supplied input. Successful exploitation of these issues could allow an attacker to carry out cross-site scripting and SQL injection attacks via the 'id' parameter of the 'more.php' script.
Online Store Kit version 3.0 has been reported to be prone to these issues.
more.php?id='[SQL injection here]&
No writeups or analysis indexed.
http://marc.info/?l=bugtraq&m=107712117913185&w=2
http://secunia.com/advisories/10902/
http://securitytracker.com/alerts/2004/Feb/1009092.html
http://www.osvdb.org/3973
http://www.securityfocus.com/bid/9676
http://www.securityfocus.com/bid/9687
http://www.systemsecure.org/advisories/ssadvisory16022004.php
http://www.zone-h.org/en/advisories/read/id=3972/
https://exchange.xforce.ibmcloud.com/vulnerabilities/15232
Published: 2004-11-23